GET flemmix.zip/checkimg.php?urli=stream-vf-20a5-f1ba-9cc7-4dc3.jpg
200 OK 15 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-20a5-f1ba-9cc7-4dc3.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-06-30
Last Seen 2025-07-29
Times Seen 10
Size 15 kB (14992 bytes)
MD5 e8424d07adeca2b7ff965035f6e1f630
SHA1 f395eb008094f8d3b8bf94a7f70748e931d8ad8c
SHA256 683249d96e9efea7981177fa2d5e80edf40c4efe3c63f0096a531adabec2bcc9
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-20a5-f1ba-9cc7-4dc3.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
cf-ray: 9638df9cab0c0b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GDHLpANLqDbp0UjRs15K%2Bt3j%2FysyKaYRWorjHiPljoLImdeKOcewgb52NGpOB0m79sKoSgqM2rfwbtegmPgUDMbHTVfaU9iBQpcbkcEjrj%2FLYMPAWI9MTgfY71exJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=891&min_rtt=447&rtt_var=467&sent=121&recv=116&lost=0&retrans=1&sent_bytes=94645&recv_bytes=7992&delivery_rate=28710344&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=626&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-3a61-0ae7-d11e-4740.jpg
200 OK 21 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-3a61-0ae7-d11e-4740.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2024-12-22
Last Seen 2025-07-29
Times Seen 23
Size 21 kB (21109 bytes)
MD5 fccc5a66f4ec460ef7b1db30a30c413f
SHA1 497e9dec6ebde9d115de7f2fd99914934e31a8f7
SHA256 1458a12915a2bbfc5b7851d0ccee7d3014749a6644142e457a68ac6f3460bcf5
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-3a61-0ae7-d11e-4740.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 21109
cf-ray: 9638df9ccb390b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qLoqNGYP6DkxBi5QNUGhb9LiZZb7eh%2B%2BJ3CmbRtzs6aKccfPlMhjN6QMUmQMpyH5VUp7cJmwQxryKg7FdARXGAArLpJr76JQ5S4A49DBzVpDe8xsaxqtFyjrMHLTkA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=682&min_rtt=395&rtt_var=129&sent=290&recv=166&lost=0&retrans=1&sent_bytes=307334&recv_bytes=8810&delivery_rate=35553571&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=646&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-cb6c-096a-7c51-4faf.jpg
200 OK 25 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-cb6c-096a-7c51-4faf.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-07-23
Last Seen 2025-07-25
Times Seen 2
Size 25 kB (25300 bytes)
MD5 488bac9947c0cf854336606e843fcb8c
SHA1 666e97408d8f8006bdb4a78865b4f1b8e67f652f
SHA256 1e877d8af797ccbf92cc8a04f863e949daf1c8c65b5c8b8b0485ab44b73e45ea
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-cb6c-096a-7c51-4faf.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 25300
cf-ray: 9638df9cfb6d0b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XCIEXttoFSHAW%2FAmXa1OFzMaJRMAa2B4WGibyOYHJWEdeqojItPxrG6%2F4tptFZG%2FJLrQ3D3%2FnGVHW6iZjWFQ2tsZRYTx79vzZmjErHL2WWVdmsl0vGH0j2q%2FdV7kug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1198&min_rtt=395&rtt_var=1133&sent=613&recv=205&lost=0&retrans=1&sent_bytes=711034&recv_bytes=8810&delivery_rate=48406976&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=677&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-332b-99c7-52d1-482d.jpg
200 OK 26 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-332b-99c7-52d1-482d.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2023-05-11
Last Seen 2025-07-29
Times Seen 118
Size 26 kB (25903 bytes)
MD5 f40fa6638952e76ecff7d80df58d09ca
SHA1 068a4f06171dd4d3adea59055eca9c1ca1b9092a
SHA256 101cd88f97c103f4966c9f3c13734b95c53defe9343703c52f5692ccaa20d067
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-332b-99c7-52d1-482d.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 25903
cf-ray: 9638df9d6beb0b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=En3moMXO%2BWn0J7Vn%2FHLeYdX%2Fvf085CK6CmCyy2MyAVd5JNDGJpZj9odsCzmAcmfk5WpaXoJ0%2BjfmIgcLc%2FYxsfas%2FAfImHQ%2BWdYTQ4I01FpxCXGKVU9R%2FbVuTsu%2BYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1109&min_rtt=395&rtt_var=802&sent=1054&recv=270&lost=0&retrans=1&sent_bytes=1217942&recv_bytes=8810&delivery_rate=48406976&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=750&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/templates/flemmixnew/images/logo.png
200 OK 9.1 kB URL
flemmix.zip/templates/flemmixnew/images/logo.png
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type PNG image data, 400 x 154, 8-bit/color RGBA, non-interlaced
First Seen 2023-05-11
Last Seen 2025-07-29
Times Seen 134
Size 9.1 kB (9120 bytes)
MD5 ce5339a0a9c2a9463c06eb3e93e8a727
SHA1 ef155c848e7cea9b7ded7fa49acfadf582357a15
SHA256 63ed95e71352aa9d95b81d6e04fbad5063d8d4936049ce317d56f6eb0f8c13f6
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /templates/flemmixnew/images/logo.png HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/templates/flemmixnew/style/styles.css?v=9.919999
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 23 Jul 2025 05:45:46 GMT
content-type: image/png
content-length: 9120
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KwQc9k6QDeVyadxpqcrMGt4Rt%2FEdvKdR2fiLdie4WIaSUElW68NZXc4gHyjwJRvAhjuENCxTwqIk2mbC8NOCEPnWxCoHRLB%2FUHZEFzbbwm7M5dkexsR3IyQHK0EKTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
expires: Tue, 29 Jul 2025 01:02:55 GMT
last-modified: Wed, 16 Jul 2025 13:43:39 GMT
etag: "23a0-6877ac8b-1b1b5903ac9d2c2e;;;"
accept-ranges: bytes
x-turbo-charged-by: LiteSpeed
age: 104800
cf-cache-status: HIT
cf-ray: 9638dfa11fe95691-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3280&min_rtt=176&rtt_var=2839&sent=125&recv=163&lost=0&retrans=0&sent_bytes=18897&recv_bytes=11042&delivery_rate=684323&ss_exit_cwnd=15116&ss_exit_reason=2&cwnd=14000&unsent_bytes=0&cid=0c0cb8fa5c46c838&ts=1035&inflight_dur=70&x=40"
GET flemmix.zip/engine/classes/js/dle_js.js
200 OK 29 kB URL
flemmix.zip/engine/classes/js/dle_js.js
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JavaScript source, ASCII text, with very long lines (29127), with no line terminators
First Seen 2023-03-14
Last Seen 2025-07-29
Times Seen 120
Size 29 kB (29127 bytes)
MD5 8bbf490f0b4b687079602ba8e4b5901a
SHA1 2a012c12b71fe17905fd716f07fb18e036b1583b
SHA256 e178fd236a39af9b4b75f8645650cc14dab23cede1bbe6ae29c48b0f40c9f0a5
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /engine/classes/js/dle_js.js HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 23 Jul 2025 05:45:46 GMT
content-type: text/javascript; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fzhTlOuLvMQzXFXLFP%2FpJfq%2Bm48eSTve04VcI250tUM%2BrgPoSTaH7pvZjfG3NOg%2Fn8Syp5kXT01dJ2UX%2FAYPN5QAaJoEfNKdyR9WCszD4AaqelYrGvmnQO3hbns%2BwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Wed, 16 Jul 2025 13:40:05 GMT
etag: W/"71c7-6877abb5-d7cc65de36d81a58;br"
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
age: 6394
cache-control: max-age=14400
cf-cache-status: HIT
content-encoding: br
cf-ray: 9638dfa13ff15691-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2951&min_rtt=176&rtt_var=2787&sent=131&recv=166&lost=0&retrans=0&sent_bytes=27297&recv_bytes=12041&delivery_rate=684323&ss_exit_cwnd=15116&ss_exit_reason=2&cwnd=14000&unsent_bytes=0&cid=0c0cb8fa5c46c838&ts=1044&inflight_dur=78&x=40"
GET flemmix.zip/checkimg.php?urli=stream-vf-31ee-444e-2db1-46ab.jpg
200 OK 13 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-31ee-444e-2db1-46ab.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-06-15
Last Seen 2025-07-29
Times Seen 13
Size 13 kB (12911 bytes)
MD5 3466ca9922cd1c643b596e731eba0f99
SHA1 46bc8debd03d5330644a4834330c71d48230bc39
SHA256 57f3b82048b5c1b68331b6df903366e365a7eef53df1e38a6bc338ff5e834e06
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-31ee-444e-2db1-46ab.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
cf-ray: 9638df9cbb1c0b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MTp6ZW0L9VhD5hEFNv8ujVPyw%2BtxzFSNfMRgjdo%2FayAAXZ40IKGHFnbSIPl6FzzKRGn%2B5wuN%2FfZFXWXOIYLp01zOboA9fpIwp27MKAfkMpgBe6V0r%2Bd6v33m77ODug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=864&min_rtt=426&rtt_var=391&sent=212&recv=152&lost=0&retrans=1&sent_bytes=205564&recv_bytes=8723&delivery_rate=35553571&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=637&x=0"
X-Firefox-Spdy: h2
GET www.google.com/recaptcha/api.js
200 OK 1.0 kB URL
www.google.com/recaptcha/api.js
IP / ASN
142.250.74.68
#15169 GOOGLE
Requested by https://flemmix.zip/
Resource Info
File type JavaScript source, ASCII text, with very long lines (1017), with no line terminators
First Seen 2025-07-22
Last Seen 2025-07-31
Times Seen 974
Size 1.0 kB (1017 bytes)
MD5 683e3fbda052b5ef8a02c45072427b61
SHA1 2d29d260a122c589dc7bd000f9b9a72db4855f47
SHA256 e978b36c676da279dc5ed5840b3f45d6ea6794f628ffe1731903f9e7ea532364
Certificate Info
Issuer Google Trust Services
Subject www.google.com
Fingerprint 18:68:D7:A6:6E:58:DB:F0:4B:B6:53:AF:BA:2B:82:59:4F:36:D8:73
Validity Mon, 23 Jun 2025 08:42:14 GMT - Mon, 15 Sep 2025 08:42:13 GMT
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Wed, 23 Jul 2025 05:45:46 GMT
date: Wed, 23 Jul 2025 05:45:46 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-7c24-1a01-dd92-4a9f.jpg
200 OK 12 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-7c24-1a01-dd92-4a9f.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-07-18
Last Seen 2025-07-29
Times Seen 6
Size 12 kB (11680 bytes)
MD5 76ca4f2e043c0917ed93bab780ff63ed
SHA1 4e26f2b85aadaab1cba5990eb300588eddeb233e
SHA256 81cc02657123f099f114eb3e0697d526f4e9e9c7c9cde6fe94dba428d4d4b338
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-7c24-1a01-dd92-4a9f.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 11680
cf-ray: 9638df9c9b070b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FdKOL2AZ%2Bsiln%2F4BA6A4FrfIS5sjDeFSQw4pxJNZIkr33llc%2FgpZCfTLFk8bwKm9m%2Fj%2Bsb9mZGHaZmhOLp5eLc4Av72mjTnWq525t%2BYa1JJaX4PbK0zKVLmjgxx53g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1668&min_rtt=447&rtt_var=1659&sent=98&recv=105&lost=0&retrans=1&sent_bytes=67496&recv_bytes=7992&delivery_rate=23381776&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=620&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-be24-e631-7923-4cd6.jpg
200 OK 24 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-be24-e631-7923-4cd6.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-06-01
Last Seen 2025-07-29
Times Seen 18
Size 24 kB (23491 bytes)
MD5 0b52631773e7c3f4ba917ef0593ebf76
SHA1 f582faaa4f1ebf9d5d2020443de3cad5c72636bb
SHA256 7d55d507661dcfa062a151842d90ef40f69d24294a42caa8fcc7ad9074ef788c
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-be24-e631-7923-4cd6.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 23491
cf-ray: 9638df9ccb2e0b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xBaJUePQraK93L%2Fqe%2BttjyEggeU%2BVbICqnO7HbWFaO1eQz1JT%2FFpFsEm%2BsiBVRhmD2vPQ6k7umNVQY5Pt71wXuw1boKFxMRdPMxugxQJmYriOYL1V%2FuYUsvIArNkFg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=648&min_rtt=395&rtt_var=99&sent=461&recv=193&lost=0&retrans=1&sent_bytes=524345&recv_bytes=8810&delivery_rate=48406976&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=660&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-bf6a-fbd5-a2b3-4cf1.jpg
200 OK 15 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-bf6a-fbd5-a2b3-4cf1.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-06-14
Last Seen 2025-07-29
Times Seen 15
Size 15 kB (14927 bytes)
MD5 d10713bb5d1237c3be4b4928e0c886b2
SHA1 ef00886e32ffbf5406a8918bdf115716556f13e1
SHA256 54b5d62343c800098b5d1d2da8cbd758411c7eb960729c4e544f7572c755b57a
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-bf6a-fbd5-a2b3-4cf1.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 14927
cf-ray: 9638df9ccb3d0b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HzgePtgXP7pUBdmZfgQDlUiWNlQrP9up2i6zmdxXO5HpXM5FLFtdQiZ29GrkCZA0d5NgNr%2FmJZl9VxkKq7hg1XOXoNFx9yvsrHH7EAw2aug4oQZCfJtsLuH8DUdm%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=648&min_rtt=395&rtt_var=99&sent=472&recv=193&lost=0&retrans=1&sent_bytes=539041&recv_bytes=8810&delivery_rate=48406976&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=661&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-ef51-597a-57c7-487f.jpg
200 OK 16 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-ef51-597a-57c7-487f.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-07-23
Last Seen 2025-07-23
Times Seen 1
Size 16 kB (15977 bytes)
MD5 69853b7d829fd6ba28b10fd1e5c587e3
SHA1 7270f3a23ea890117352349d47a9c691eea9e773
SHA256 b10bdf6c27ef9d8e02e42881b6b7987c5d515e0fe852fe045507b190cb22e906
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-ef51-597a-57c7-487f.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 15977
cf-ray: 9638df9cfb600b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AV6mpQxwe6q5m5fvG6kQ%2F1YHIAlhPAfYtTITBpwLgOaCXgM5raQ3X8%2BgarayxXTmxVqOf%2Fwx3NwMV%2B794daBGdt485sQ2WWX3IgtykHSESjpv3YceMXlGmdqQmlJYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=977&min_rtt=395&rtt_var=658&sent=660&recv=210&lost=0&retrans=1&sent_bytes=770032&recv_bytes=8810&delivery_rate=48406976&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=678&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-3cc3-c800-ba63-4fbb.jpg
200 OK 20 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-3cc3-c800-ba63-4fbb.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-07-23
Last Seen 2025-07-23
Times Seen 1
Size 20 kB (20363 bytes)
MD5 d11631b6da21946737de8b524fc7d270
SHA1 4be1ed7cb4821ad19b7c7f58656540d7ef9924e5
SHA256 f97214566d2e8c0cb613e7f2ad8c83c4c933f67e5b846d52bf66d96a24212661
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-3cc3-c800-ba63-4fbb.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 20363
cf-ray: 9638df9cfb760b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qiFgt5Hzv7B4mNzt%2FdU3tpH1lOKeK4KgqLCquXnOg0XcKxaFOT%2BeFGodHBk9aOoNdPluBqV%2FHwIFPSqW35nQNvFKwf5CCk%2FTnKWBiTS660wxD1J0Ez60OpCm1EtUTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=792&min_rtt=395&rtt_var=171&sent=694&recv=222&lost=0&retrans=1&sent_bytes=811583&recv_bytes=8810&delivery_rate=48406976&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=682&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-9ece-1eef-0f4f-46f1.jpg
200 OK 11 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-9ece-1eef-0f4f-46f1.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-07-16
Last Seen 2025-07-29
Times Seen 7
Size 11 kB (10658 bytes)
MD5 0a110cdd13b7b756dd1db19d3c98c237
SHA1 3f5e596d7b78b6b6a0f9a9f8de2749003f18f112
SHA256 58fc556ce89f073d3445863f1a305afa28adffcaca3e54763202f1b2056edf14
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-9ece-1eef-0f4f-46f1.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
cf-ray: 9638df9cab0b0b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=avFyPkPiGU3%2FAp09HA3xgFNFPqQ96Fc3gZ6Ahi5081MGbJUd72%2FNQeFxdXAJfTYsQ8mXPMOZjnflkkXZufrjGjGeEjYpT1%2B1iZKLNbPUBsTN8mzJ8qlpODjA8jfRZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=891&min_rtt=447&rtt_var=467&sent=133&recv=116&lost=0&retrans=1&sent_bytes=109441&recv_bytes=7992&delivery_rate=28710344&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=626&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/templates/flemmixnew/images/favicon.png
200 OK 1.7 kB URL
flemmix.zip/templates/flemmixnew/images/favicon.png
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
First Seen 2023-05-11
Last Seen 2025-07-29
Times Seen 136
Size 1.7 kB (1697 bytes)
MD5 2a1aa382716498176dc8dbddb02b3362
SHA1 48670096694c27db5f0d3920e355f0de9d44860e
SHA256 7aeb371b2f5ee10632795488f6d7f87b6d62bc92a059c3b61362e313cff2c8e8
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /templates/flemmixnew/images/favicon.png HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 23 Jul 2025 05:45:46 GMT
content-type: image/png
content-length: 1697
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xFYykKYC%2BAO2uklnzbvwVcBcZcmVXTR6DgxUN8Ok1zprKBh7445CCIgw%2BwtqxoVh5fCZPeGkgPNq0aqsZDi9lHYCbVWf9KYw4ASqsFBdhFklOafEzTExXpEpJX8x0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
expires: Tue, 29 Jul 2025 01:03:21 GMT
last-modified: Wed, 16 Jul 2025 13:43:38 GMT
etag: "6a1-6877ac8a-3f53fc56d3e52b7;;;"
accept-ranges: bytes
x-turbo-charged-by: LiteSpeed
age: 104775
cf-cache-status: HIT
cf-ray: 9638dfa23ff75691-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=812&min_rtt=0&rtt_var=458&sent=283&recv=188&lost=0&retrans=0&sent_bytes=228993&recv_bytes=13317&delivery_rate=11340541&ss_exit_cwnd=15116&ss_exit_reason=2&cwnd=14000&unsent_bytes=0&cid=0c0cb8fa5c46c838&ts=1209&inflight_dur=160&x=40"
GET flemmix.zip/checkimg.php?urli=stream-vf-e89a-3d3b-6094-46d1.jpg
200 OK 17 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-e89a-3d3b-6094-46d1.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-06-04
Last Seen 2025-07-29
Times Seen 15
Size 17 kB (16991 bytes)
MD5 5421a299bc89e3e4df64fa1971091350
SHA1 972320e3f27e698c38625a2b8b430e7e91f4d90f
SHA256 00736c2c76ef3b3d2d89bf3ddc3f32d677a7be331d9ad6599938ea76a77de569
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-e89a-3d3b-6094-46d1.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 16991
cf-ray: 9638df9cbb280b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J3K8sMu1sPPVUBd42m2L%2FH%2Fil3ithgsWqn0VKVUe7chby83lp1CYMcAIEF0ZYN9wAy7LOnW9A4ZfBiv3Q%2F44xIEbzC3SM4Q6vAgLNaLpVumRLyEqVGm383tX13dsCA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=639&min_rtt=395&rtt_var=87&sent=450&recv=191&lost=0&retrans=1&sent_bytes=509596&recv_bytes=8810&delivery_rate=42697435&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=659&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-4261-ef9a-ffcc-491b.jpg
200 OK 19 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-4261-ef9a-ffcc-491b.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-06-01
Last Seen 2025-07-29
Times Seen 18
Size 19 kB (18869 bytes)
MD5 f8e9aa21c32fc839621f03c8ee633a04
SHA1 ae6e95b3c1df794b3f3d67d2e475dc092d2411b1
SHA256 4c203c2615e234977d63dcdfdd8c8643ddd2ee5b5911a524f3175499f15eb155
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-4261-ef9a-ffcc-491b.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 18869
cf-ray: 9638df9ccb310b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nzjIFCIZ5GHmX1NpkERrs%2Fm%2FPza1EmTvFpIhuj14Qxnt4sLU4cZvHCIM3J2gCJJncI%2FhKGvQMOyKtbHRY2jD%2Bs9HOcwugOtkmur0ukrJK0kY03tJb0PTn4WF4ewarg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=682&min_rtt=395&rtt_var=129&sent=301&recv=166&lost=0&retrans=1&sent_bytes=322025&recv_bytes=8810&delivery_rate=35553571&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=647&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-1bb4-cc5a-277a-4c13.jpg
200 OK 17 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-1bb4-cc5a-277a-4c13.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-07-23
Last Seen 2025-07-23
Times Seen 1
Size 17 kB (17343 bytes)
MD5 dbe6282af1fb988fd3c515f6a29736bb
SHA1 759845d76a50d8dda036ea6c1af8bb566b922e01
SHA256 199272f901e9fc47e4044bea042165935f5984ad5e8da85693c25e349f88958b
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-1bb4-cc5a-277a-4c13.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 17343
cf-ray: 9638df9cfb640b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7bn%2F76Ef0uFMWtSPC0lmoC0NGOnyX95srY1OhtSScP02l1gOuSmM9BZVaekdMt6JHADcR%2FhjKg%2B7fBVEA6%2FfH%2FbeHDerWAgmiGGpHy0S%2FEyVdsd7KigC6w57yY%2F5JQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1151&min_rtt=395&rtt_var=943&sent=637&recv=206&lost=0&retrans=1&sent_bytes=740553&recv_bytes=8810&delivery_rate=48406976&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=678&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-ca26-755c-425e-4b90.jpg
200 OK 14 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-ca26-755c-425e-4b90.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2023-10-24
Last Seen 2025-07-29
Times Seen 113
Size 14 kB (14304 bytes)
MD5 de7364dd152fdc299eac033b8f37972c
SHA1 2506735570ec448903d33e11c98e8412c9f52b2d
SHA256 487fc885fadc7ed8ca9d27a64cd40abbff998793215402264d3dccb26044451f
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-ca26-755c-425e-4b90.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 14304
cf-ray: 9638df9d6bed0b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ryORZhbeA%2FYeNqbiQ4%2ByhSe2t2ou%2B86Jfxk7DxlVbEqHhH1U8fbDQK7ALfygbp7KWFFdYLoBEYoSTZfe7zOQyMYYAbyWNYGIXVF5EXAksry4A5NrQgj2%2Bdh%2BciV3tw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1470&min_rtt=395&rtt_var=963&sent=916&recv=246&lost=0&retrans=1&sent_bytes=1068680&recv_bytes=8810&delivery_rate=48406976&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=717&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/engine/editor/css/default.css
200 OK 2.5 kB URL
flemmix.zip/engine/editor/css/default.css
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type ASCII text
First Seen 2023-04-08
Last Seen 2025-08-01
Times Seen 418
Size 2.5 kB (2475 bytes)
MD5 cc21ca877727f912ec1076a5532d0b6b
SHA1 afbec861ea4317a0572a5d8cc5ee97cb0aced57d
SHA256 f55a11baf33fb17425e40acd9266d2277424db4e0ae3bf3c703418de8b13101d
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /engine/editor/css/default.css HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: text/css; charset=UTF-8
content-length: 590
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: public, max-age=604800
expires: Tue, 29 Jul 2025 01:02:56 GMT
last-modified: Wed, 16 Jul 2025 13:40:26 GMT
etag: "9ab-6877abca-67940bd50a84ab4f;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
server: cloudflare
x-turbo-charged-by: LiteSpeed
age: 104799
cf-cache-status: HIT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=3RvQI2arajhruKpu%2BoDCLq5D17q6S1GhJiorN3sT0NB1wKiSg%2FvNAvwZpE25uFomPGaZ%2BjiUKgF8fBoJkNUMCc3%2F4fJK2LpKMQ%3D%3D"}]}
cf-ray: 9638df9d7bfc0b3d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET flemmix.zip/templates/flemmixnew/style/engine.css?v=1
200 OK 97 kB URL
flemmix.zip/templates/flemmixnew/style/engine.css?v=1
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type assembler source, ASCII text, with very long lines (13482)
First Seen 2023-05-11
Last Seen 2025-07-29
Times Seen 51
Size 97 kB (97338 bytes)
MD5 5511b878f3a882b33d90677ea298c88f
SHA1 395c7526fb77953d3aa30c213de48624570c0781
SHA256 2eea85f0c924c6424870787c268b51d375d92e15091b15cbe1f1ab3ac32ac18d
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /templates/flemmixnew/style/engine.css?v=1 HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: text/css; charset=UTF-8
content-length: 26704
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: public, max-age=604800
expires: Tue, 29 Jul 2025 01:02:53 GMT
last-modified: Wed, 16 Jul 2025 13:43:42 GMT
etag: "17c3a-6877ac8e-746083a17caf219f;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
server: cloudflare
x-turbo-charged-by: LiteSpeed
age: 104801
cf-cache-status: HIT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=ObFVvAnTdg9fTE0tHv2GafolQRlm2GOSAIRA1AJzUtjeQyeLHheWq6LXnK%2FnswmyBzzW5%2B3A9LUdxJghq9Nmtkr1iLikOiRKpg%3D%3D"}]}
cf-ray: 9638df9c8afb0b3d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-fd7c-1cae-4a28-4943.jpg
200 OK 19 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-fd7c-1cae-4a28-4943.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-07-23
Last Seen 2025-07-23
Times Seen 1
Size 19 kB (19442 bytes)
MD5 2c4f5cb2a1289f833a89297d14aae69f
SHA1 b944315a9bc695e7572a97e3d0cc8dcb42a60a00
SHA256 adf67c4d9eaddcc61b35cf38acf940dff01135e17d7e9675ccff24301d4f4ce1
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-fd7c-1cae-4a28-4943.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 19442
cf-ray: 9638df9ceb5c0b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3F7t%2FwAO%2Ff7YNW480yRqCTvSXvgyC17IBYSkcDjYDKjFcAIDRiyuejOIWx8KMsSpLO3w%2F%2BQa34%2Bd%2Fy8fE2SYDKyrgoGWlF%2BNuEBLuMiSXQTRnzIexN7pKiRP%2BUgAtA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=697&min_rtt=395&rtt_var=174&sent=546&recv=204&lost=0&retrans=1&sent_bytes=626204&recv_bytes=8810&delivery_rate=48406976&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=673&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-9dae-8486-6c63-48e6.jpg
200 OK 16 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-9dae-8486-6c63-48e6.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-07-23
Last Seen 2025-07-23
Times Seen 1
Size 16 kB (15503 bytes)
MD5 754cc37b8fd0b203383241465a864854
SHA1 f5b002256a1b971bd9be802b36dc15f190c7eeb8
SHA256 12bad3a3ec2c30798cbeff87bcd30a6e52ba6ef5b4b3f79cfe9e792bc0f11de7
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-9dae-8486-6c63-48e6.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 15503
cf-ray: 9638df9cfb6f0b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iHRpF14HVNVhNiqVChwnT2AfXMew0Z1LzmpHT5Gg2sRfFkK5Loyov5%2BeclStwgTMSmPSAVmBPO3OHODkathsRBRcyIWKzj1xKzr8vM2wwJgGfIiPSB303LciPxBClg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1198&min_rtt=395&rtt_var=1133&sent=625&recv=205&lost=0&retrans=1&sent_bytes=725754&recv_bytes=8810&delivery_rate=48406976&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=677&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-dfcb-9f59-ccdc-4791.jpg
200 OK 21 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-dfcb-9f59-ccdc-4791.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-06-05
Last Seen 2025-07-29
Times Seen 19
Size 21 kB (21355 bytes)
MD5 615c1aa96fdf428f24d8c2861981b444
SHA1 6ba09d243a2bc5e27c5b10be9363b2d30b9b36b5
SHA256 b90a7b7275e9ab524f29798ac4b5c1199c5be9e84106d1718fbef6887f91c8f4
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-dfcb-9f59-ccdc-4791.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 21355
cf-ray: 9638df9d6bef0b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=14GBZbQ30SRwAWtYKpu9qbzbAjQunT8dT%2FsBhIDQzSbEaqJNHUQJB9hVwSq4bwmoA9dq25tmbMa8U487A%2F2AyasaZfZsImPTQwjdYya8%2FQixWpxycK5eeoXkq6VEJg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1262&min_rtt=395&rtt_var=949&sent=1043&recv=268&lost=0&retrans=1&sent_bytes=1203248&recv_bytes=8810&delivery_rate=48406976&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=749&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/engine/classes/js/custom.js?v=5
200 OK 2.9 kB URL
flemmix.zip/engine/classes/js/custom.js?v=5
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JavaScript source, ASCII text
First Seen 2023-03-14
Last Seen 2025-07-29
Times Seen 120
Size 2.9 kB (2858 bytes)
MD5 78b032a9487af32279dcdf4f59640816
SHA1 ec535565b35bdfb48589839a90b8b8ae0f7171fb
SHA256 521d281cedc317d6ea982458b58e1306cf768f4946676b2714b246de421f84fc
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /engine/classes/js/custom.js?v=5 HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 23 Jul 2025 05:45:46 GMT
content-type: text/javascript; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gVHQwkhBFRLmu7QSfEl5iOFmvicwcHTvT635R3v9DN%2F435KgcAEMfNSuxn9LdIfZkQzi%2FBdl2wEA%2FVcvE%2B29lH6K8Q33JfydBou%2BVadWus5D%2F6%2FPG5Dxs%2B7vZb3sSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Wed, 16 Jul 2025 13:40:05 GMT
etag: W/"b2a-6877abb5-1d5a8a47d7c42998;br"
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
age: 6394
cache-control: max-age=14400
cf-cache-status: HIT
content-encoding: br
cf-ray: 9638dfa13ff25691-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2951&min_rtt=176&rtt_var=2787&sent=133&recv=166&lost=0&retrans=0&sent_bytes=30097&recv_bytes=12041&delivery_rate=684323&ss_exit_cwnd=15116&ss_exit_reason=2&cwnd=14000&unsent_bytes=0&cid=0c0cb8fa5c46c838&ts=1048&inflight_dur=81&x=40"
GET flemmix.zip/checkimg.php?urli=stream-vf-73f0-d6c2-83fd-487f.jpg
200 OK 11 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-73f0-d6c2-83fd-487f.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-07-23
Last Seen 2025-07-23
Times Seen 1
Size 11 kB (11397 bytes)
MD5 111f613a63113464acc9991271f28518
SHA1 edb2ecee341d067ec3666a7b00e4e3af1255008f
SHA256 7811efa02ff019a7d484875b83f914a59116a32eb3902375cbfaf8e00a7a2b5f
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-73f0-d6c2-83fd-487f.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 11397
cf-ray: 9638df9cfb670b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dSs%2Fa3QGw%2FPwH%2BZbnecuLqRVwrGdV9bE6COa2axCone5yX7atX878EtA0VV9w6RZkrULwu4m6%2B42VGrrXVNwEPIszz17yrVEa5QbaX4SqdhbIrKnDFsKNipqVDsfcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=841&min_rtt=395&rtt_var=307&sent=678&recv=215&lost=0&retrans=1&sent_bytes=792574&recv_bytes=8810&delivery_rate=48406976&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=680&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-7f66-511c-2b54-475a.jpg
200 OK 22 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-7f66-511c-2b54-475a.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2023-05-11
Last Seen 2025-07-29
Times Seen 118
Size 22 kB (22295 bytes)
MD5 12e35f1531b239359712a2076591132c
SHA1 4a0dbae9119f1eaaf68e869737bdf74cc6897a48
SHA256 2b480df80122e7aa570c196b775be6cc6e4ee9de867b50f03c6832d282580fb7
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-7f66-511c-2b54-475a.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 22295
cf-ray: 9638df9d0b7e0b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NWCtIWuCVoOTF95RIY3XjGS%2FqlpxH3Q3iPAecxrgj2lFVyfZ4ccpUx%2BonT2so94F0NXjPzYhgrxOiLp7NboDM1xW2zvZAtRKDzdmTv476oWx3TD8BhLxvOfhapwjSA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=763&min_rtt=395&rtt_var=192&sent=760&recv=231&lost=0&retrans=1&sent_bytes=891645&recv_bytes=8810&delivery_rate=48406976&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=686&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-0920-3686-7b7c-4cd1.jpg
200 OK 16 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-0920-3686-7b7c-4cd1.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-07-05
Last Seen 2025-07-29
Times Seen 9
Size 16 kB (16308 bytes)
MD5 f386d12b4d5298884581b31ec72ea56d
SHA1 ab1db7e590a00943da5261fdfed81c3bb35387d5
SHA256 0ea72dc844ef7b6b0e5b54465369b721c5eb7d93a9d0ef31482daed4397c6000
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-0920-3686-7b7c-4cd1.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 16308
cf-ray: 9638df9d6be00b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hBX%2BbH4a2IImggp3KEzDSzG2KvHjmmGwfHnqhPY6Y36Ao8R%2FTTMS5Ldhdxk46Lls59%2BwQV%2FFj0tdyaFi1ZmdJef8gDi0qz6TyWGfibgic6s%2FMCd1PY%2BKoOJExGYLtg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1261&min_rtt=395&rtt_var=1015&sent=1010&recv=263&lost=0&retrans=1&sent_bytes=1161702&recv_bytes=8810&delivery_rate=48406976&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=743&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/engine/classes/js/jquery.js?v=4.2
200 OK 90 kB URL
flemmix.zip/engine/classes/js/jquery.js?v=4.2
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JavaScript source, ASCII text, with very long lines (65451)
First Seen 2023-03-07
Last Seen 2025-08-02
Times Seen 8202
Size 90 kB (89475 bytes)
MD5 12b69d0ae6c6f0c42942ae6da2896e84
SHA1 d2cc8d43ce1c854b1172e42b1209502ad563db83
SHA256 6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /engine/classes/js/jquery.js?v=4.2 HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 23 Jul 2025 05:45:46 GMT
content-type: text/javascript; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5jeiBbLL4e%2FuAUVdlzGrVGhNUesgvt4n3pnepXLxu8ujG1gEeZpB1587HzxRvpzRWWUbBLbDab%2Blr7r30aMdZxWfBlt2bCi9K7ntDcPjtGzsvmYtH0c5izjwjnHi1A%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Wed, 16 Jul 2025 13:40:06 GMT
etag: W/"15d83-6877abb6-c7b2be4e456cf37c;br"
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
age: 6394
cache-control: max-age=14400
cf-cache-status: HIT
content-encoding: br
cf-ray: 9638dfa13ff35691-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2951&min_rtt=176&rtt_var=2787&sent=133&recv=166&lost=0&retrans=0&sent_bytes=30097&recv_bytes=12041&delivery_rate=684323&ss_exit_cwnd=15116&ss_exit_reason=2&cwnd=14000&unsent_bytes=0&cid=0c0cb8fa5c46c838&ts=1048&inflight_dur=81&x=40"
GET flemmix.zip/engine/classes/js/jqueryui.js?v=2
200 OK 254 kB URL
flemmix.zip/engine/classes/js/jqueryui.js?v=2
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JavaScript source, ASCII text, with very long lines (32074)
First Seen 2023-03-07
Last Seen 2025-08-01
Times Seen 6519
Size 254 kB (253669 bytes)
MD5 c15b1008dec3c8967ea657a7bb4baaec
SHA1 78489e580adaef931e6e5b131dab556c397e4a1a
SHA256 28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /engine/classes/js/jqueryui.js?v=2 HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 23 Jul 2025 05:45:46 GMT
content-type: text/javascript; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FGWZyJXLl8ZRWP7D5VjmGXulY3t6x%2FCbxQOSq%2BAS1R%2BGqbUXMAanGaR%2Fz5NstaFCCsb9V5hsJraDUdv5%2BE%2BtebCdLo2JZSaBo5K7FJlcSGmKp6GsW9cCBlro2949cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Wed, 16 Jul 2025 13:40:06 GMT
etag: W/"3dee5-6877abb6-d73747a6fcab61d2;br"
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
age: 6394
cache-control: max-age=14400
cf-cache-status: HIT
content-encoding: br
cf-ray: 9638dfa13ff45691-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2431&min_rtt=76&rtt_var=2516&sent=139&recv=168&lost=0&retrans=0&sent_bytes=37477&recv_bytes=12130&delivery_rate=855404&ss_exit_cwnd=15116&ss_exit_reason=2&cwnd=15780&unsent_bytes=0&cid=0c0cb8fa5c46c838&ts=1056&inflight_dur=90&x=40"
GET trizoicaequi.com/1clkn/35789
200 OK 6 B URL
trizoicaequi.com/1clkn/35789
IP / ASN
23.109.170.244
#7979 SERVERS-COM
Requested by https://flemmix.zip/
Resource Info
File type ASCII text, with no line terminators
First Seen 2023-03-07
Last Seen 2025-08-01
Times Seen 13713
Size 6 B (6 bytes)
MD5 9082dc37e5e8046929da411544ad071a
SHA1 41e0e3963ed94e59e8a2f115994c382712411537
SHA256 b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
Certificate Info
Issuer Let's Encrypt
Subject trizoicaequi.com
Fingerprint C3:2B:16:65:E9:32:29:5E:DB:BE:91:7D:C7:EA:7D:E3:C1:06:04:2C
Validity Thu, 26 Jun 2025 11:47:44 GMT - Wed, 24 Sep 2025 11:47:43 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /1clkn/35789 HTTP/1.1
Host: trizoicaequi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Jul 2025 05:45:45 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Set-Cookie: GL_UI4=eJw9zV1OhDAcBHC%2BWdcFnYQDeASKQHj1xSv4SAr9g3Wh3ZQKensbE32bTH6T8TwvKB7g78kZ4Sdv8MRY13Z1U3VlPXa8GoaubZtyaLqSVc00NbiTW2%2F5sJCNcNpWbmxv9wiXmRQZOfajFpTh0am%2F5qr0oSLEg%2BFKZIhXJ5YM6WD0sZEpQkSKr4T0VRqa9JcT%2FEMbhOy5dlkql%2F0Sgd6KMD8jfZNKuGV%2BQcDKPE883N8Wbidt1l6KxEc8Gy4I%2FgtOI7c0a%2FONVNB2tfoG6EX0%2F%2F73ODxYiUTQLkdCrO07mR%2B4dk3m; expires=Thu, 24-Jul-2025 05:45:45 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Thu, 24-Jul-2025 05:45:45 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
GET flemmix.zip/checkimg.php?urli=stream-vf-ddbc-4312-9640-434b.jpg
200 OK 20 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-ddbc-4312-9640-434b.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-06-30
Last Seen 2025-07-29
Times Seen 10
Size 20 kB (19651 bytes)
MD5 218239f081048e9e7d7703a3e8551194
SHA1 04090acdac29c6e250adf37a2fa610966757850e
SHA256 5c9856e8c5efe3780d9c478d9ad8cb64fe0c2edf056844791a8af89defa50380
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-ddbc-4312-9640-434b.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 19651
cf-ray: 9638df9cbb150b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6zZwgDolwQTMyBbhdgM63p%2FKY354YySkQ0peLYTgbE0ww14UjjFUp4q4jjoKl%2FYRJ79ol2aZ8dt461ogrooEanpzMQzzilT5y5mCpBB1PLydxUW7Ls7tPrMzvpNSNw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=682&min_rtt=395&rtt_var=124&sent=279&recv=164&lost=0&retrans=1&sent_bytes=292644&recv_bytes=8810&delivery_rate=35553571&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=645&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=7f8e-0452-85c1-4ed8.jpg
200 OK 26 kB URL
flemmix.zip/checkimg.php?urli=7f8e-0452-85c1-4ed8.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 250x371, components 3
First Seen 2024-12-22
Last Seen 2025-07-29
Times Seen 34
Size 26 kB (26226 bytes)
MD5 32be730e24aa8542366900cd90fdf3b2
SHA1 3b3f1db0b2215c594f6fe6ccb343f1f892979ca6
SHA256 64b835a4d003f13880fd31e1509cc2007a23e108358d6e1880c2fa46bcb87978
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=7f8e-0452-85c1-4ed8.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 26226
cf-ray: 9638df9d1b8e0b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b3sMWgsiZbZjvR2IT5CCexky86ilnhUIWzmXajjuDyX5A%2FowBivQjSYxKyE5wHn2332zS1k9kR3syD6gmHA5HIS5Et1EtPCeLDIxYKFR%2F6fQFUU53deG9N0re%2FgvvA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=872&min_rtt=395&rtt_var=384&sent=849&recv=237&lost=0&retrans=1&sent_bytes=992640&recv_bytes=8810&delivery_rate=48406976&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=702&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-437d-1894-77f2-430b.jpg
200 OK 24 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-437d-1894-77f2-430b.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2024-12-22
Last Seen 2025-07-29
Times Seen 35
Size 24 kB (24204 bytes)
MD5 1d196825255dad287be3e39b83aa83cf
SHA1 227432fe8f07a473d4d311c1e206d9c4abe88c97
SHA256 ca57b5f7ac5d3df39563d98dcd7e5ceb251b77fc0320c6bb8c5ee94755fc69e3
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-437d-1894-77f2-430b.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 24204
cf-ray: 9638df9d6be70b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AUmv4X1ARoPGXYSq7dDogcRxKEeQhx%2FmzSCqV9yJ0KJysJJ7aJv5nHtSAkVDmRo9oWWGCV%2Fb2EP1xr4BLpcdGH5dXlXBNiDlA%2FkEOJ8WjSgMlRrPss6X75%2FzbZSncQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=912&min_rtt=395&rtt_var=399&sent=1073&recv=275&lost=0&retrans=1&sent_bytes=1241663&recv_bytes=8810&delivery_rate=48406976&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=752&x=0"
X-Firefox-Spdy: h2
GET witv.soccer/templates/witv/images/witv-logo-w2.png
200 OK 4.6 kB URL
witv.soccer/templates/witv/images/witv-logo-w2.png
IP / ASN
104.21.52.63
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type PNG image data, 100 x 43, 8-bit/color RGBA, non-interlaced
First Seen 2025-03-15
Last Seen 2025-07-29
Times Seen 17
Size 4.6 kB (4617 bytes)
MD5 caa87b5ca4f77abcb54c555bc9ee6bde
SHA1 7ec8098b7e37c4517719419830ce9a3f158907b1
SHA256 70ff78deeaea1e734cd540f69d6c48ba1e18293d15b13f48a61b583fce7d38c0
Certificate Info
Issuer Google Trust Services
Subject witv.soccer
Fingerprint E1:3A:E4:72:1B:C1:02:6C:0B:F2:5A:E7:71:D8:13:98:F7:07:6D:36
Validity Sat, 14 Jun 2025 15:03:45 GMT - Fri, 12 Sep 2025 16:03:38 GMT
GET /templates/witv/images/witv-logo-w2.png HTTP/1.1
Host: witv.soccer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/png
content-length: 4617
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: public, max-age=604800
expires: Thu, 24 Jul 2025 02:11:04 GMT
last-modified: Fri, 13 Jun 2025 22:03:40 GMT
etag: "1209-684ca03c-372fb86515fee418;;;"
accept-ranges: bytes
server: cloudflare
x-turbo-charged-by: LiteSpeed
age: 532706
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=yumjOzgwMhNvUgtML5g0YxOxqHbFgWlZjXxBPSxUut2GEC9CTVGuWzKMRvR8%2BoxNfO%2F5gWrBu1pxRCd4C8mOIjp2U2aIzFykdA%3D%3D"}]}
cf-ray: 9638df9ded9d56b5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-42d9-d2c4-0104-4526.jpg
200 OK 16 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-42d9-d2c4-0104-4526.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-07-23
Last Seen 2025-07-23
Times Seen 1
Size 16 kB (15779 bytes)
MD5 e7387b942d122a469830d4811600d6a0
SHA1 fd949b2a5f8417a11a63aaaf6e5d30497314037c
SHA256 8e2fb525886cc3e4a2582dff6731d4ca7a0b53f923167b0fb3255aba853d4413
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-42d9-d2c4-0104-4526.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 15779
cf-ray: 9638df9cfb750b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N36AWCkhTjDKosG5stXTzX9XwMd6s%2Fp3jeOhYpwjQGXgnnnxQm%2B%2FfzMDWFFlCAHmL1zNBvXiXtD29B9KJ02s0ctXC6XWdXgVDC%2FKIiIWroVuV6nyf35Ba3LMSrRCEA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=763&min_rtt=395&rtt_var=192&sent=749&recv=231&lost=0&retrans=1&sent_bytes=876907&recv_bytes=8810&delivery_rate=48406976&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=686&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-7f86-efa9-c8a4-4475.jpg
200 OK 19 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-7f86-efa9-c8a4-4475.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-04-16
Last Seen 2025-07-29
Times Seen 21
Size 19 kB (19315 bytes)
MD5 f6e7d4dcc29653d718e366723898be32
SHA1 1adbabd6a5f1b95d47ab9d2bf454bda35ea4c04f
SHA256 53564a9d09f53bbaf9b05ec4b8ee70c132be1499c0b4dc93d74ecadf8fc1d630
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-7f86-efa9-c8a4-4475.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 19315
cf-ray: 9638df9cbb1d0b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=brMFa0YLbYxP3%2BtQeDNsZXCExREYdQ%2F0kNTwBwelxJypOY8Mpng0gzLTTkvfiktQC389aohh%2BRqsp8B3j1I1j4cmK9D1KZWLAozEDbwN5rd%2F1Vo3Sv0M6gaGCMYz%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=723&min_rtt=395&rtt_var=214&sent=245&recv=158&lost=0&retrans=1&sent_bytes=248433&recv_bytes=8723&delivery_rate=35553571&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=639&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-5b72-f616-96a7-4352.jpg
200 OK 20 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-5b72-f616-96a7-4352.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-06-01
Last Seen 2025-07-29
Times Seen 18
Size 20 kB (19668 bytes)
MD5 d77401445fa52ca94a8e28f2e3acf8d1
SHA1 529c54549b41014da42bdb47caa566dff50dec54
SHA256 ef37f9e7e2bc0dcb058bf4a4e62331eec1c1c09b3c8b1aac20cf5be86c461d32
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-5b72-f616-96a7-4352.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 19668
cf-ray: 9638df9cbb250b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hUtwKmXbC6mzrxZdWUOzY%2BsoWXjcwOWSe98RYXWFAoW8PTDA%2BRqPf%2BAMpo2Jg4jIcXJukMLkSodHSQO%2BbdOq9%2Fucpp9VzvV99hzk1s0Kz4MUsFWep6AGnaGlhNmbTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=637&min_rtt=395&rtt_var=115&sent=439&recv=189&lost=0&retrans=1&sent_bytes=494857&recv_bytes=8810&delivery_rate=42436944&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=659&x=0"
X-Firefox-Spdy: h2
GET rv.steeverapteryx.com/tWaoXkp36ho/33558
200 OK 5 B URL
rv.steeverapteryx.com/tWaoXkp36ho/33558
IP / ASN
23.109.170.27
#7979 SERVERS-COM
Requested by https://flemmix.zip/
Resource Info
File type ASCII text, with no line terminators
First Seen 2023-03-07
Last Seen 2025-08-02
Times Seen 7456
Size 5 B (5 bytes)
MD5 f7a2939527fd9e68723da600e96d76bd
SHA1 a9e717b6364d2895ee0a716050db32ca0ef1bb42
SHA256 d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a
Certificate Info
Issuer Let's Encrypt
Subject rv.steeverapteryx.com
Fingerprint E3:DD:9E:02:E0:44:4B:A9:5A:65:5D:4E:D3:7D:65:7B:78:E0:48:FF
Validity Thu, 17 Jul 2025 06:34:44 GMT - Wed, 15 Oct 2025 06:34:43 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /tWaoXkp36ho/33558 HTTP/1.1
Host: rv.steeverapteryx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Jul 2025 05:45:46 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://flemmix.zip
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9zV1OhDAcBHC%2BWdcFnYQDeASKQHj1xSv4SAr9g3Wh3ZQKensbE32bTH6T8TwvKB7g78kZ4Sdv8MRY13Z1U3VlPXa8GoaubZtyaLqSVc00NbiTW2%2F5sJCNcNpWbmxv9wiXmRQZOfajFpTh0am%2F5qr0oSLEg%2BFKZIhXJ5YM6WD0sZEpQkSKr4T0VRqa9JcT%2FEMbhOy5dlkql%2F0Sgd6KMD8jfZNKuGV%2BQcDKPE883N8Wbidt1l6KxEc8Gy4I%2FgtOI7c0a%2FONVNB2tfoG6EX0%2F%2F73ODxYiUTQLkdCrO07mR%2B4dk3m; expires=Thu, 24-Jul-2025 05:45:46 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Thu, 24-Jul-2025 05:45:46 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
GET flemmix.zip/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
200 OK 12 kB URL
flemmix.zip/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JavaScript source, ASCII text, with very long lines (12331)
First Seen 2023-03-07
Last Seen 2025-08-02
Times Seen 43328
Size 12 kB (12332 bytes)
MD5 88a769d2fe35899fd45a332a0a032cc0
SHA1 514c6c1d8475d17e412849a4c90159517d0fa10a
SHA256 ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: application/javascript
last-modified: Mon, 21 Jul 2025 10:44:57 GMT
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"687e1a29-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YuE1nJKnU5AoeBdOWGCDXq2htArCnayn%2F2K6TveyZkqa6VJtm5SYXQVy9Ki9%2BOfVmP5gWMO5GmukFw28p1gEyI1zD1wMgnRnDmzlrX%2BucNpbDxFV3ovY3S9xzTEmzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 9638df9defde5691-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Fri, 25 Jul 2025 05:45:45 GMT
GET flemmix.zip/templates/flemmixnew/js/jquery.lazyload.min.js
200 OK 3.4 kB URL
flemmix.zip/templates/flemmixnew/js/jquery.lazyload.min.js
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JavaScript source, ASCII text, with very long lines (3309)
First Seen 2023-03-07
Last Seen 2025-08-01
Times Seen 2426
Size 3.4 kB (3381 bytes)
MD5 112c8d1b40b3e62e883c743e9d71e0bf
SHA1 338318e930487b2791a7bcf53ad4601630cc41e2
SHA256 ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /templates/flemmixnew/js/jquery.lazyload.min.js HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 23 Jul 2025 05:45:46 GMT
content-type: text/javascript; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7H2epDYzt9Ka0bECCpvK%2FT1HA9mBARbHfPUMdRuJOGTDcGijkxYd%2BENKVubqxcALcdmybn49MoZAhzZaLRtybso49UNxYBlbiuqxwLEhAZdGH9XajCJ3tRMsvNo5nQ%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Wed, 16 Jul 2025 13:43:41 GMT
etag: W/"d35-6877ac8d-dacc0ababbd8b4b8;br"
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
age: 6394
cache-control: max-age=14400
cf-cache-status: HIT
content-encoding: br
cf-ray: 9638dfa13fef5691-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2431&min_rtt=76&rtt_var=2516&sent=139&recv=168&lost=0&retrans=0&sent_bytes=37477&recv_bytes=12130&delivery_rate=855404&ss_exit_cwnd=15116&ss_exit_reason=2&cwnd=15780&unsent_bytes=0&cid=0c0cb8fa5c46c838&ts=1055&inflight_dur=90&x=40"
GET flemmix.zip/templates/flemmixnew/js/owl.carousel.min.js
200 OK 44 kB URL
flemmix.zip/templates/flemmixnew/js/owl.carousel.min.js
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JavaScript source, ASCII text, with very long lines (31997)
First Seen 2023-03-07
Last Seen 2025-08-02
Times Seen 19328
Size 44 kB (44342 bytes)
MD5 f416f9031fef25ae25ba9756e3eb6978
SHA1 e2a600e433df72b4cfde93d7880e3114917a3cbe
SHA256 a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /templates/flemmixnew/js/owl.carousel.min.js HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 23 Jul 2025 05:45:46 GMT
content-type: text/javascript; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VMf9p6TMoiK1HoDd%2FkP52etZDl3gDsUsRWlshLEUhtWGOER%2Fyw1b1lVMmeHhfyUM00t5k9YulcegtlGEYI0NBAs2CzNXM6MSF%2BTRidbvnJACJHPgbd4eocMflvu4Ww%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Wed, 16 Jul 2025 13:43:42 GMT
etag: W/"ad36-6877ac8e-3a570d841d0f2b57;br"
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
age: 6394
cache-control: max-age=14400
cf-cache-status: HIT
content-encoding: br
cf-ray: 9638dfa12fee5691-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3280&min_rtt=176&rtt_var=2839&sent=127&recv=164&lost=0&retrans=0&sent_bytes=21697&recv_bytes=11515&delivery_rate=684323&ss_exit_cwnd=15116&ss_exit_reason=2&cwnd=14000&unsent_bytes=0&cid=0c0cb8fa5c46c838&ts=1038&inflight_dur=73&x=40"
GET flemmix.zip/checkimg.php?urli=stream-vf-7746-ca84-0cc2-440d.jpg
200 OK 14 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-7746-ca84-0cc2-440d.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-03-15
Last Seen 2025-07-29
Times Seen 14
Size 14 kB (14226 bytes)
MD5 525db8cbfe36ec93b289a0f970139d37
SHA1 036ceadf652cdd13c62a9af1bad6461bced1c0ea
SHA256 e191d92d23417da3ef21d719859ffa9ddb29e453835c7cd07b2f6cac8ba71165
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-7746-ca84-0cc2-440d.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 14226
cf-ray: 9638df9ccb3b0b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I4f7tgLbTO6OQIu%2BaD7JnAyDILOWF43zvvWL70CnzdK1U18lwY16K91O5hO9wRFjdayh4v5FnVT1BAbCxLMsxtKWkPKehlsH%2Fm3whAG55G%2FYmVowdlTeVm0t14iA8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=619&min_rtt=395&rtt_var=99&sent=357&recv=177&lost=0&retrans=1&sent_bytes=394644&recv_bytes=8810&delivery_rate=42436944&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=651&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/templates/flemmixnew/js/libs.js?v=3
200 OK 4.9 kB URL
flemmix.zip/templates/flemmixnew/js/libs.js?v=3
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JavaScript source, Unicode text, UTF-8 text
First Seen 2025-05-11
Last Seen 2025-07-29
Times Seen 24
Size 4.9 kB (4869 bytes)
MD5 f09e8a538511d1631a964d1177e170c2
SHA1 bb4c80bb5b69c23d180376112dd95366eee52d39
SHA256 b010d496957663b2303af7853b8d411f4df54187184acd52098958065798f26e
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /templates/flemmixnew/js/libs.js?v=3 HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 23 Jul 2025 05:45:46 GMT
content-type: text/javascript; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BvQQ6cnMyR%2FEPXt9Z%2BYLQwYgLIOuhNUYfwTEKCYQbwsrv53MhPpskL5P37Es5CUY1%2B0ZoqG9iMtwnqWXB4Z2Cii%2F3gcqqnZ8CGTRPLGY6wW%2F%2B06W0BAKh6ypsAOSYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Wed, 16 Jul 2025 13:43:41 GMT
etag: W/"1305-6877ac8d-a713a8788454493f;br"
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
age: 6394
cache-control: max-age=14400
cf-cache-status: HIT
content-encoding: br
cf-ray: 9638dfa13ff05691-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2951&min_rtt=176&rtt_var=2787&sent=137&recv=166&lost=0&retrans=0&sent_bytes=34677&recv_bytes=12041&delivery_rate=684323&ss_exit_cwnd=15116&ss_exit_reason=2&cwnd=14000&unsent_bytes=0&cid=0c0cb8fa5c46c838&ts=1052&inflight_dur=88&x=40"
GET www.gstatic.com/recaptcha/releases/ngcIAHyEnHQZZIKkyKneDTW3/recaptcha__en.js
200 OK 792 kB URL
www.gstatic.com/recaptcha/releases/ngcIAHyEnHQZZIKkyKneDTW3/recaptcha__en.js
IP / ASN
142.250.74.99
#15169 GOOGLE
Requested by https://flemmix.zip/
Resource Info
File type JavaScript source, ASCII text, with very long lines (771)
First Seen 2025-07-22
Last Seen 2025-07-31
Times Seen 3141
Size 792 kB (792204 bytes)
MD5 6e293b2c2a7e9c604c5c0580369f5f27
SHA1 d0aae300d0a3cc6fbb283525beafd34fd8585fdd
SHA256 13ef4faf327d81294e4156ffc3517706114d054ebf2367decc77b6c9aedbc929
Certificate Info
Issuer Google Trust Services
Subject *.gstatic.com
Fingerprint 9A:5E:6D:44:D8:FB:03:E5:9A:13:6D:FF:53:DA:1C:8C:EA:3A:A7:AA
Validity Mon, 23 Jun 2025 08:41:27 GMT - Mon, 15 Sep 2025 08:41:26 GMT
GET /recaptcha/releases/ngcIAHyEnHQZZIKkyKneDTW3/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flemmix.zip
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha-scs"
report-to: {"group":"recaptcha-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha-scs"}]}
timing-allow-origin: *
content-length: 339847
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Jul 2025 21:50:27 GMT
expires: Tue, 21 Jul 2026 21:50:27 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jul 2025 02:01:33 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 114919
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-1f08-1b2d-2803-4cd8.jpg
200 OK 22 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-1f08-1b2d-2803-4cd8.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-07-05
Last Seen 2025-07-29
Times Seen 9
Size 22 kB (21485 bytes)
MD5 5d5f89eede9448015a9b4b9d22c84350
SHA1 7bc4f89fb7a2122c46dda8b79e19f1349285c470
SHA256 f6ec14c653b2bd3b4b09f6de1f98ee2fa5126d3e371349291ee952edd8625043
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-1f08-1b2d-2803-4cd8.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 21485
cf-ray: 9638df9cab0e0b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DXu0ZMmz%2F9Gz3PzbE4RLmiQU8cOY0ZJEDEMcUALvNBw7MvO3uai4jh4EE67zOXd%2FLLDXIXoYmfC9ueNZReVBtACNuNC%2BFP0Ty6pbAXUK0m311rn%2B5G77om4D%2FXKfZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=879&min_rtt=426&rtt_var=378&sent=189&recv=147&lost=0&retrans=1&sent_bytes=176947&recv_bytes=8514&delivery_rate=35553571&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=634&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-e470-e175-872b-45bd.jpg
200 OK 13 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-e470-e175-872b-45bd.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-03-15
Last Seen 2025-07-29
Times Seen 19
Size 13 kB (13152 bytes)
MD5 f8affdf8d4e29463d1afe23be69eda62
SHA1 c00e5f0cc8f7a2797c29921a37889915ca3ace1e
SHA256 e07405a1e51648707840704e98da03c3f32e438c9c36042d158823da5b9bb4d4
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-e470-e175-872b-45bd.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
cf-ray: 9638df9ccb2f0b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d89EIUI9Ns9l4Fg7AsN3nB4tDo%2FmOqkccX2U4G8KTYUkvF8QRjphSWHyq7uLharqdjDDTHxgL5yqlbORqjk%2FomYS8PNfkr5Yn0iiqXiVXpbCw6DtQ0trcYXbsjeTfA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=626&min_rtt=395&rtt_var=66&sent=334&recv=174&lost=0&retrans=1&sent_bytes=366310&recv_bytes=8810&delivery_rate=42436944&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=649&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-00a4-62da-6674-47b3.jpg
200 OK 17 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-00a4-62da-6674-47b3.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-06-01
Last Seen 2025-07-29
Times Seen 18
Size 17 kB (17114 bytes)
MD5 1b06961eb9d02f98364dea79117aad1b
SHA1 3f3eec6e8debccdc0f581709677e55a72f2bb0eb
SHA256 f1a07fc0f4ca1ec6ba67a9d23e95529b3032fbddb02c879298819052ab57906d
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-00a4-62da-6674-47b3.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 17114
cf-ray: 9638df9ccb330b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gmdKF2ztHKI8SxBBLF2gPxNEukITJCdPkv00vabUneqVbeMDOaWvFXZuhmBoiFMXhygQ1fFrtYFDnX9ZKUC7fkmJ609q7ZwK6NNyzgMODjs5ycdVtt8jRoNH7MeUAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=648&min_rtt=395&rtt_var=74&sent=323&recv=170&lost=0&retrans=1&sent_bytes=351563&recv_bytes=8810&delivery_rate=39273584&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=647&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-193b-4d5b-d7e3-4e37.jpg
200 OK 22 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-193b-4d5b-d7e3-4e37.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-06-01
Last Seen 2025-07-29
Times Seen 18
Size 22 kB (21968 bytes)
MD5 1b627c489331fa5985900855eb1ac1d4
SHA1 07160f26c715793c168b5e507ae4fa5bedc0967c
SHA256 18d266c34cef860dc9885f46a2c77c9b1c902f87519a61af81b5c6d0f8194fea
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-193b-4d5b-d7e3-4e37.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 21968
cf-ray: 9638df9cbb1f0b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uz0njI1D971mENuNeLEVGEvkhy4u8B7%2BX8egWRVlAo%2BxRNYqam58Lh%2F9ENjjJwhvZSd0cHgQ1Ay%2F4CAPm3SDYb3j0Sq9PeC%2Fg61%2Bo71fPgNmxMcI07sonNQlkhgI9A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=864&min_rtt=426&rtt_var=391&sent=223&recv=152&lost=0&retrans=1&sent_bytes=218974&recv_bytes=8723&delivery_rate=35553571&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=637&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-197b-5e7c-8905-443c.jpg
200 OK 18 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-197b-5e7c-8905-443c.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-03-15
Last Seen 2025-07-29
Times Seen 19
Size 18 kB (17487 bytes)
MD5 9bc17b07067c4aa19e87a83ff6cd9ada
SHA1 11d60e9ed128b0c883a7846eed9b429cae46719c
SHA256 7145b9ea76c95b201aec18da2fc32fa20734c34766e17882ab947d3854b38b61
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-197b-5e7c-8905-443c.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 17487
cf-ray: 9638df9ccb360b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jftgh0eLl55BWRV5WYjy%2BKU%2FfQTMXbr1l9ZWhFNmHbgcANbifTh8aJ8FyIQ48HJS0MQTx0mNXijS2Lwv%2Bl10sD3l3SRST0CMi3E1L0iW4XeQrzC5lVSdO6CI7FJXcg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=682&min_rtt=395&rtt_var=129&sent=312&recv=166&lost=0&retrans=1&sent_bytes=336804&recv_bytes=8810&delivery_rate=35553571&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=647&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-404a-6c3a-87b9-4bf5.jpg
200 OK 19 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-404a-6c3a-87b9-4bf5.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-07-12
Last Seen 2025-07-29
Times Seen 7
Size 19 kB (19254 bytes)
MD5 f89bc65d92e254ef04228f2f1fec1088
SHA1 8316ef3129eb1fd207cd7143101eeaf931b1b871
SHA256 4899273a99bbee6f5a3d6cede3e7fdb7213cf8b93417a49ad313534916f7f5f5
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-404a-6c3a-87b9-4bf5.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 19254
cf-ray: 9638df9cdb3e0b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=11uzHm%2F6%2ByAAd8wrBnPHkI3pCVkudBuwQPpxhwq3M0if8oGQSpgK8KzZ7Hn0VFjkfYOq8HIGvRm5G5d%2BYH1Pmfn8QUuPZq7yay85iPy15qQrw83GjvTVzAvsZcGGnA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=691&min_rtt=395&rtt_var=161&sent=383&recv=182&lost=0&retrans=1&sent_bytes=425268&recv_bytes=8810&delivery_rate=42436944&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=654&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-dfaa-ccf0-0f44-4f11.jpg
200 OK 15 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-dfaa-ccf0-0f44-4f11.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-07-19
Last Seen 2025-07-23
Times Seen 2
Size 15 kB (15166 bytes)
MD5 a2239c078eff0056d4ebaeef1a293659
SHA1 433bd5ad9c591f7b98e8f15594d0ce180d0bac48
SHA256 55233366a22b0e91c295fafeca0ff0813226063df8e1e5044f648fab01f60f38
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-dfaa-ccf0-0f44-4f11.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 15166
cf-ray: 9638df9ceb590b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BrmN0n2ladVoHVhSptjvTPhDjjvnhPnbA08l5KJo0TOFoK%2FYlfTchFFOjBHaIdfI8Yd4E9SjXb02LZCQm0v7f2i04oaM05roE2mC95NcPVYSjMARWlDO0BlnLq6zbA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=723&min_rtt=395&rtt_var=173&sent=533&recv=203&lost=0&retrans=1&sent_bytes=610674&recv_bytes=8810&delivery_rate=48406976&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=672&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-5cef-c135-1e50-4bc2.jpg
200 OK 14 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-5cef-c135-1e50-4bc2.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-07-23
Last Seen 2025-07-23
Times Seen 1
Size 14 kB (14147 bytes)
MD5 1d79e2c00550b8e7caaedcee112673e5
SHA1 48628117bf299c61561a734ebf401b02547c01e1
SHA256 39538cfe58d97b2cbb6db8fe375102a7e127a715ea185c38940a07f2d3bd985c
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-5cef-c135-1e50-4bc2.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 14147
cf-ray: 9638df9cfb730b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YN%2Fqjr7WyzCpvaGqM7RtLZcKBgw1TjqbEQ8R795uXCJVKPCrO7dQoapFzHv33Y%2F3fIbyUirYbimTVZFBeKrM7mi7RoBoxRpeZ0IKNgEPOY098BNc7%2FpSbKdKtStr3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=756&min_rtt=395&rtt_var=174&sent=719&recv=223&lost=0&retrans=1&sent_bytes=839650&recv_bytes=8810&delivery_rate=48406976&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=683&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-4591-e44d-4e17-4d0a.jpg
200 OK 13 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-4591-e44d-4e17-4d0a.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-06-30
Last Seen 2025-07-29
Times Seen 9
Size 13 kB (12646 bytes)
MD5 c86c756863e44c3077a82d03d8c99626
SHA1 24fb8fb37ca8dc44c8a14075d7ad8e58ce21a9e3
SHA256 36e58f1bb4bacc6203a8b3eb4a692610e078db5c4c5b47e14076de4bb399e2e1
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-4591-e44d-4e17-4d0a.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 12646
cf-ray: 9638df9ceb550b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LOfHq%2FJgI25gJKK81sTR0LSkY9JKoOlDLEwxbseXZ%2BbNlC8UvQpI1qQAoRgYemYzhoqJvbI3ttEy%2FzOGXfUaGPa3YuZ%2BoXI1jA9nKcN5i0925n2PoHPG0wQoR46F%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=674&min_rtt=395&rtt_var=124&sent=493&recv=200&lost=0&retrans=1&sent_bytes=564984&recv_bytes=8810&delivery_rate=48406976&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=670&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/templates/flemmixnew/style/owl.carousel.min.css?v=11
200 OK 3.5 kB URL
flemmix.zip/templates/flemmixnew/style/owl.carousel.min.css?v=11
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type ASCII text, with very long lines (3288)
First Seen 2023-05-11
Last Seen 2025-07-29
Times Seen 52
Size 3.5 kB (3455 bytes)
MD5 7fa5013d360a7c9377b7516a46eb8223
SHA1 da84644fa14e61438e27050182c280b8b0bdcff1
SHA256 38e03e7dc781e887aaa70975aa0cab0ae5b5a06f8a1ebaa1694b2680c138bc45
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /templates/flemmixnew/style/owl.carousel.min.css?v=11 HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: text/css; charset=UTF-8
content-length: 881
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: public, max-age=604800
expires: Tue, 29 Jul 2025 01:02:53 GMT
last-modified: Wed, 16 Jul 2025 13:43:43 GMT
etag: "d7f-6877ac8f-b18c8d8f25a9ce05;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
server: cloudflare
x-turbo-charged-by: LiteSpeed
age: 104801
cf-cache-status: HIT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=LMDiZl13yr8Lx%2FaS1FyAckOjxxsQD4612jgHXgCueIFHb2SzcNL9DlqYWGYqULiew3jtRdwutJwbaNdoBvJvdWczsHHKVjIOGQ%3D%3D"}]}
cf-ray: 9638df9c9b010b3d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-9280-b4ac-e142-4c38.jpg
200 OK 16 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-9280-b4ac-e142-4c38.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-07-23
Last Seen 2025-07-23
Times Seen 1
Size 16 kB (15868 bytes)
MD5 1699339de1e83fc2eb4c009e824ec9e1
SHA1 702e874d5704dde1f09031cd5f8a42d0d9738056
SHA256 0fd9cdc593a950bf52c6776eac1deeda6bd395f19e90c7b163630b0b8c954ee9
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-9280-b4ac-e142-4c38.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 15868
cf-ray: 9638df9ceb5e0b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J1oFVkFCw4lS%2F41q9KXjXEPBb1JrtKlUpz2OtpKUITrCVI9J4YmSa1e8FlH5cgKgWkKoedU0%2BPwLWbv6HqbLIKT%2FowmeQYLNvz%2FZTOwIZsu%2BABH0iKmBgH%2FCScdDgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=697&min_rtt=395&rtt_var=174&sent=579&recv=204&lost=0&retrans=1&sent_bytes=668977&recv_bytes=8810&delivery_rate=48406976&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=674&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-e65a-d99d-498a-4565.jpg
200 OK 20 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-e65a-d99d-498a-4565.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-07-23
Last Seen 2025-07-23
Times Seen 1
Size 20 kB (20064 bytes)
MD5 efd110b0161bafff6100a910340a8351
SHA1 9970e98ef69c631de9fbf56b88173ee57e098809
SHA256 b692452f3361a871f6270659acd8e9a38c1df8c30d4c2a86e7a0fd66633c87a3
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-e65a-d99d-498a-4565.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 20064
cf-ray: 9638df9cfb720b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qY8C6pyTm3Gri3GjL5%2FwKibWiU88ifWTGUX%2FDERqfNgb2Wcug7ApwVAEa5QOSsUVib21lBW%2BZvoGh3Lxs2rf7a%2FaPUTIrxfX8mmbuB4s9ta49oowAcJMe81z1JWrAw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1066&min_rtt=395&rtt_var=877&sent=649&recv=207&lost=0&retrans=1&sent_bytes=755297&recv_bytes=8810&delivery_rate=48406976&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=678&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-d002-c891-472a-442f.jpg
200 OK 19 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-d002-c891-472a-442f.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-07-18
Last Seen 2025-07-29
Times Seen 5
Size 19 kB (19296 bytes)
MD5 a8600a25d419f9f75f2ec64f4ea13d38
SHA1 9effea8fc84416f07b791dbdbae34163304ba756
SHA256 b6a89c4b7d44222bab83b738a2e639a0f1322e087dbf82d6074fc750b4d3acae
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-d002-c891-472a-442f.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 19296
cf-ray: 9638df9cdb400b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XHaz5rd6Za0RaISCq0lubN3ahyAINEvFtPtwzF4qvgcfylo9GJfxarCkuydhRKKU%2Fo54%2Bp90KrSNb%2B9x0Cf%2BnWBHUq87WYJshVNMoYzO4q%2FGDwB0X5rQxrt7h%2Bk2pw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=650&min_rtt=395&rtt_var=118&sent=416&recv=188&lost=0&retrans=1&sent_bytes=465338&recv_bytes=8810&delivery_rate=42436944&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=658&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-cb90-24c7-3af9-42b1.jpg
200 OK 12 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-cb90-24c7-3af9-42b1.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-07-23
Last Seen 2025-07-23
Times Seen 1
Size 12 kB (12038 bytes)
MD5 b55240d7e6736e5003f53a41b97cc7b5
SHA1 dc9d7a28e0052b0ae3e2f34c63f1ae788eb212cb
SHA256 51e845cc032ab46fc81d849c9c04cfd3b0e968662a96f836c4ce05117a559c5e
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-cb90-24c7-3af9-42b1.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 12038
cf-ray: 9638df9cfb6c0b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sF%2FMGHl5RLViR9DfXSEztmo9FlatIU0SxN0920Q7TQdMaEh0I4DALYoqz%2BmLI%2F4UhYkgk6k9EN%2BddyOGW05J5hZe%2F0bt1nshWAe8DTYjtApmjFt4MXu6ONMyxUYr%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=697&min_rtt=395&rtt_var=174&sent=602&recv=204&lost=0&retrans=1&sent_bytes=698492&recv_bytes=8810&delivery_rate=48406976&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=675&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-c3ec-dd12-36e1-4c11.jpg
200 OK 16 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-c3ec-dd12-36e1-4c11.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-03-01
Last Seen 2025-07-29
Times Seen 28
Size 16 kB (15773 bytes)
MD5 7586151950f2136daa985d71500593c8
SHA1 5b88be3ddf8e3fa6a95dd1d2fa8a864fe85f026d
SHA256 5ca61a107ff66f8d82da59c1d7f8ce8744261a99186185d59fd09659d3e5441c
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-c3ec-dd12-36e1-4c11.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 15773
cf-ray: 9638df9d6be30b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ruJFShwEmGoXffIAYLWTO%2Bvla7umKPqUqM1nba3Sz6D2FfFYsGbNiYIewGUvIJSihopjXDkWTu40Ki4oGF2bevd5%2Bo%2Bs3pu9qkR0vsQ8TMl4fkkgNsp9rCNUr7zSPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2013&min_rtt=395&rtt_var=2441&sent=1092&recv=281&lost=0&retrans=1&sent_bytes=1263414&recv_bytes=8810&delivery_rate=48406976&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=772&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/templates/flemmixnew/style/font-awesome.min.css
200 OK 31 kB URL
flemmix.zip/templates/flemmixnew/style/font-awesome.min.css
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type ASCII text, with very long lines (30837)
First Seen 2023-04-05
Last Seen 2025-08-02
Times Seen 8366
Size 31 kB (30999 bytes)
MD5 008e0bb5ebfa7bc298a042f95944df25
SHA1 93897ebc560b38a1d2bff43c22dd6a3b7ee90c0c
SHA256 c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /templates/flemmixnew/style/font-awesome.min.css HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: text/css; charset=UTF-8
content-length: 5632
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: public, max-age=604800
expires: Tue, 29 Jul 2025 01:02:53 GMT
last-modified: Wed, 16 Jul 2025 13:43:43 GMT
etag: "7917-6877ac8f-66ff2c2a9e403edf;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
server: cloudflare
x-turbo-charged-by: LiteSpeed
age: 104801
cf-cache-status: HIT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=jJvyy06k46KxfW3KShAPzMU0hkZ8ylvd2MfExbYiZsQIHtC9uw5B%2B%2F6QcEAhFiWN41jTE3BwNLo7y%2FJ%2F5dA4%2BAG9lRqsKkOe%2Fw%3D%3D"}]}
cf-ray: 9638df9c8af90b3d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-a83e-d740-652a-4590.jpg
200 OK 19 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-a83e-d740-652a-4590.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-06-30
Last Seen 2025-07-29
Times Seen 10
Size 19 kB (18621 bytes)
MD5 f61f072f36740cd520fde79851d2b4d1
SHA1 9b221989807b0ca715c400a243a9c3e63506a318
SHA256 622e87fc8a44e26026273ae44f6c823d7ff4ecdcb0c20be2314ae5c130786500
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-a83e-d740-652a-4590.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 18621
cf-ray: 9638df9cab140b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x%2Bqe2MSyVh1r251s8ptnu4sPh8Z7jWwKiXevyP6dEpkHxkUc8QBglwWyYgfTHRSBjkrjw4qSxj8G6RB7DKBNK1rteBiBLBqky638FWo7jFzxAs6IT%2BQNYGpMIoNJcg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=717&min_rtt=395&rtt_var=206&sent=257&recv=160&lost=0&retrans=1&sent_bytes=263217&recv_bytes=8723&delivery_rate=35553571&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=642&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-adc4-8d7f-a51b-42ec.jpg
200 OK 20 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-adc4-8d7f-a51b-42ec.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-06-30
Last Seen 2025-07-29
Times Seen 10
Size 20 kB (20185 bytes)
MD5 debc765a1d10fdadd993ccfe62995419
SHA1 4ac614fd7c8148e6e03bba87dd4818e18c8d8b43
SHA256 c7103a80710e7fe0b37ef2bafcb8dd9b1783b84c565a7c031bb478f12b0ab8f3
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-adc4-8d7f-a51b-42ec.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 20185
cf-ray: 9638df9cbb180b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AYtn2BcKHQr%2F2BI2%2FHhy%2Fq1EXIwmLmSNylZgIvcd1OYaZ0NpEY%2FFYVDIgblo0JlT9UPWKB%2FXtr%2FI2nE1GsG28DrG1QW1bqIoJ0AthR7GF1JjPPtx12yh%2B%2FWRJm0UrA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=879&min_rtt=426&rtt_var=378&sent=178&recv=146&lost=0&retrans=1&sent_bytes=162182&recv_bytes=8410&delivery_rate=35553571&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=634&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-5b08-8935-ffab-4498.jpg
200 OK 28 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-5b08-8935-ffab-4498.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-01-01
Last Seen 2025-07-29
Times Seen 30
Size 28 kB (27643 bytes)
MD5 62805c38a52b57d0bc7ab11471b2719e
SHA1 865aad11eb745992edf624c93a6334f5d4a93c98
SHA256 7d6165bbd3c68191528df0dd3c47c72ea5caf8e5a6c4793653bc401441ced852
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-5b08-8935-ffab-4498.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
cf-ray: 9638df9cbb1e0b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SBV2GFVKSfuZ3RzAZwhUHCQ9jZeOMlbOPft5EICjswhZiHooRSFUfA7KvvPatYW0VAWUyztsE24%2Fd9iDVZdOJn0jmip%2BMD%2FA6q8SUi4pHE404%2BEqvBADMYNCEPDkgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=864&min_rtt=426&rtt_var=391&sent=234&recv=152&lost=0&retrans=1&sent_bytes=233669&recv_bytes=8723&delivery_rate=35553571&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=637&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-5c25-d669-bef5-462f.jpg
200 OK 19 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-5c25-d669-bef5-462f.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-03-15
Last Seen 2025-07-29
Times Seen 19
Size 19 kB (18609 bytes)
MD5 08c7218dd7f2c3065e408ccfd12aa176
SHA1 63249c979d7006d511de146b1ea36890612adb72
SHA256 ae7b78f17709e7376f9c54f602754d2a997ad0cb2fc007016129da11f689ea0a
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-5c25-d669-bef5-462f.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 18609
cf-ray: 9638df9ccb350b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ed4I4gpaQAFxSdMedRTOF8%2F5ZGqmR5yXV6DES9sDOX1yJxG2T%2Fj5P%2FAmzcsFXqQ5YDD4booUKTpgeY6kCImUs9J3mNb2IlmE0JCstyzjgl5Jy3asl8%2Fqm0tJHLt6xQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=676&min_rtt=395&rtt_var=193&sent=369&recv=179&lost=0&retrans=1&sent_bytes=409357&recv_bytes=8810&delivery_rate=42436944&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=652&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/templates/flemmixnew/fonts/fontawesome-webfont.woff2?v=4.5.0
200 OK 67 kB URL
flemmix.zip/templates/flemmixnew/fonts/fontawesome-webfont.woff2?v=4.5.0
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type Web Open Font Format (Version 2), TrueType, length 66624, version 4.262
First Seen 2023-04-05
Last Seen 2025-08-02
Times Seen 11987
Size 67 kB (66624 bytes)
MD5 db812d8a70a4e88e888744c1c9a27e89
SHA1 638c652d623280a58144f93e7b552c66d1667a11
SHA256 ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /templates/flemmixnew/fonts/fontawesome-webfont.woff2?v=4.5.0 HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/templates/flemmixnew/style/engine.css?v=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 23 Jul 2025 05:45:46 GMT
content-type: font/woff2
content-length: 66624
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KV%2FRyVH3bp9SIgDeXF9eYxhkBU84pW%2FATCdmXWRX7l%2Fv7QejRRvh%2FqIS6fuIdYHTI2JJblwQbQQeMf3%2B8OgOws1d20ZJsHAyZgxeeemLmBlYelyY%2Fap5DtYKrHsSfA%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Wed, 16 Jul 2025 13:43:36 GMT
etag: "10440-6877ac88-1e21598d2487e753;;;"
accept-ranges: bytes
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: REVALIDATED
cf-ray: 9638dfa11fed5691-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1183&min_rtt=0&rtt_var=842&sent=231&recv=181&lost=0&retrans=0&sent_bytes=160151&recv_bytes=12739&delivery_rate=11340541&ss_exit_cwnd=15116&ss_exit_reason=2&cwnd=14000&unsent_bytes=0&cid=0c0cb8fa5c46c838&ts=1143&inflight_dur=131&x=40"
GET flemmix.zip/checkimg.php?urli=stream-vf-d930-b1b1-5813-4d9f.jpg
200 OK 21 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-d930-b1b1-5813-4d9f.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-07-05
Last Seen 2025-07-29
Times Seen 9
Size 21 kB (21269 bytes)
MD5 fc0158e5ac64b4b47408e9e66cd8ed83
SHA1 ac0bc33f52f2abf422feb273831cae86607adcaf
SHA256 d0613be9f36ad1f29631f6860b0f0d69e0588af4a0150db9849ff4f95b093d83
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-d930-b1b1-5813-4d9f.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 21269
cf-ray: 9638df9cab110b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KBbqd%2BqUURjKHj5AJJPfeC6MLCftVxROHaW%2Fx3rqKpR%2FOebKKPT6yRekzHyf02l9n91kD5ZvwqWLu9vPBAZKMjc0mLhGkalx4%2FOSJzxLYxL4E73FtSLrHjzCdq%2F3DA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=701&min_rtt=426&rtt_var=76&sent=167&recv=139&lost=0&retrans=1&sent_bytes=147400&recv_bytes=8200&delivery_rate=35553571&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=632&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-1613-e11f-cd80-4836.jpg
200 OK 20 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-1613-e11f-cd80-4836.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-06-01
Last Seen 2025-07-29
Times Seen 18
Size 20 kB (19992 bytes)
MD5 59be83435d9e7cd397bc6c9849341ab0
SHA1 7ea059302462d81c0747ebbc62b3d761ffc3c00a
SHA256 59b29ca0955af71ebfe767cc3c883211adc53f1c7ed8df4364de3fda197cbd64
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-1613-e11f-cd80-4836.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
cf-ray: 9638df9ccb2a0b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i3D%2B8aw%2BvppXbtza7yDqbtwFVZYHmBj23u9U0cjykz8WuaTjq0E9GveFODNKBl1WSJ%2BLCUb%2BvbrxMDlbbUiGtCWhhhY98CWWdab9kV9e8fxq7f0TzBy3zAObr%2Bs3uQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=717&min_rtt=395&rtt_var=206&sent=268&recv=160&lost=0&retrans=1&sent_bytes=277966&recv_bytes=8723&delivery_rate=35553571&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=643&x=0"
X-Firefox-Spdy: h2
GET onflemme.com/?urli=stream-vf-0737-dba4-b3e8-4eb8.jpg
200 OK 1.6 kB URL
onflemme.com/?urli=stream-vf-0737-dba4-b3e8-4eb8.jpg
IP / ASN
104.21.24.16
#13335 CLOUDFLARENET
Resource Info
File type HTML document, Unicode text, UTF-8 text
First Seen 2025-07-18
Last Seen 2025-07-23
Times Seen 3
Size 1.6 kB (1551 bytes)
MD5 a85daf43b425e96b098e55619b5347bf
SHA1 74ce73c7315ba20247d84eef23cdea58c58d4cb2
SHA256 d07be7051163d28d9e7f3904a638e73a75cc306daddb801154d7fc79192e29a3
Certificate Info
Issuer Google Trust Services
Subject onflemme.com
Fingerprint EC:7D:94:C5:A9:C5:10:71:E3:9F:58:6B:81:5E:5B:71:90:86:64:0C
Validity Sat, 05 Jul 2025 23:24:29 GMT - Sat, 04 Oct 2025 00:22:52 GMT
GET /?urli=stream-vf-0737-dba4-b3e8-4eb8.jpg HTTP/1.1
Host: onflemme.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:41 GMT
content-type: text/html; charset=UTF-8
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
last-modified: Wed, 16 Jul 2025 14:02:08 GMT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=lE5%2Btkn0vfamMEWRY8ZsDl1cpWQPZTzTLXKBfyG%2Fmm%2FttZnKhPMkePZUuiQJ8NmqDzVWdzjQALCS6M5VGoFxQTNnwQfWxVYgiPE%3D"}]}
vary: Accept-Encoding
server: cloudflare
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 9638df8459cab4f1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-78ec-ee23-2346-4896.jpg
200 OK 27 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-78ec-ee23-2346-4896.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-06-01
Last Seen 2025-07-29
Times Seen 15
Size 27 kB (27182 bytes)
MD5 12699ba333719e09cba60df073f09c00
SHA1 89f5a41f1325119ab1bb62442265bb7fb49677ae
SHA256 135091c2f4b8188caeeba7b1a5c8343ebbe3777b95fdc7655c6b45f38322bd96
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-78ec-ee23-2346-4896.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 27182
cf-ray: 9638df9ccb3c0b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IL7FUy2bJCfzKr0BT4Gi9qUGGxkdReq9oivWJNjr3qT6iSuNn67avHyjoyOFeTqh3bNoLcWQ93ZXp8xlrmBFfDd7w2kmMMB%2FRL5FQso8V4GTZqoRGzdc4ffuMzCuvg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=683&min_rtt=395&rtt_var=132&sent=394&recv=184&lost=0&retrans=1&sent_bytes=440009&recv_bytes=8810&delivery_rate=42436944&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=657&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-92bb-302f-0c1b-4146.jpg
200 OK 20 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-92bb-302f-0c1b-4146.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-07-23
Last Seen 2025-07-23
Times Seen 1
Size 20 kB (19869 bytes)
MD5 3751adfa14bd88c42f4fe60254ced26d
SHA1 7e36967b09d8e16fa9b4c87a629469c6626b58db
SHA256 e741d4006b0e984286024d3117bab9e3f05cad5e4af28c866745f1203b61f065
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-92bb-302f-0c1b-4146.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 19869
cf-ray: 9638df9cfb630b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C2h095oQqB90DM1fJgTgxYwQW4t0j8C9M2W%2B5vF6IlW%2BBEXU4Myaa0hpqWjH5KW1RLmhkO7P6CxlES06alekQ7fmuMoFXn1Xk4eVH4vfzEk%2FRrBGu3WUr1hRoX31OA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=723&min_rtt=395&rtt_var=173&sent=521&recv=203&lost=0&retrans=1&sent_bytes=595902&recv_bytes=8810&delivery_rate=48406976&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=671&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-fb07-d96b-f793-4af2.jpg
200 OK 17 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-fb07-d96b-f793-4af2.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-01-27
Last Seen 2025-07-29
Times Seen 29
Size 17 kB (17271 bytes)
MD5 0c90a72a4cdadb55d3f70b439ccc2d3d
SHA1 08986e7d672af71d5f0bef6877184af34ea6d4fe
SHA256 d3be404d01a4dee85328f28b6e47f25c1cbd83f5e4d2a48aad6498bcdcb2d8e9
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-fb07-d96b-f793-4af2.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 17271
cf-ray: 9638df9d0b7c0b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vmX%2B0ThRKBRvXu17QNUaRhZcmwkb0DEWFc7vF%2FdPd4Hzm6D1xGmi%2B7tOlq5Nzwsfv1lX8J8AEAD3ssfzna2s91mbcrqx2hYoQi17gGOY0Ba2hJgGUW6NFVJIWMNubA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=815&min_rtt=395&rtt_var=328&sent=731&recv=225&lost=0&retrans=1&sent_bytes=854385&recv_bytes=8810&delivery_rate=48406976&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=684&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-4e94-0d8c-0493-4084.jpg
200 OK 15 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-4e94-0d8c-0493-4084.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-06-01
Last Seen 2025-07-29
Times Seen 19
Size 15 kB (14943 bytes)
MD5 e69b9081b01c23062e281b3163413458
SHA1 30565df61d4a6da114f5a572f3e4c363ef03a029
SHA256 da620537b27669c7f2156bb815e482223ee7a472e0144c748fc9bc9a415a234e
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-4e94-0d8c-0493-4084.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 14943
cf-ray: 9638df9cbb270b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GCL4z9n044rkgbkAK3shkdfApX1dqgDXg%2F3QG0pA2U4wr8qBdfM%2BU%2FymRz0k5oESbFV6COQPa5McqJlkSI25rvrY6JwFMpCyJkVS%2FIbcCkw6q36nS6EI6ZurD04GBA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=650&min_rtt=395&rtt_var=118&sent=428&recv=188&lost=0&retrans=1&sent_bytes=480139&recv_bytes=8810&delivery_rate=42436944&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=658&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-1630-b491-4be9-4279.jpg
200 OK 16 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-1630-b491-4be9-4279.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-06-30
Last Seen 2025-07-29
Times Seen 9
Size 16 kB (15779 bytes)
MD5 6596b2697031272c30a2bcfeae06eca0
SHA1 d8c5cc2b31c4e283e05546259c17436845f5076d
SHA256 8894eb26c5797eaba76515f3b797c2f5e2bea6b393e3dbe923f8d537f8d10b3a
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-1630-b491-4be9-4279.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 15779
cf-ray: 9638df9ceb560b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MVhWKk49I4%2Ff0EnLKTzxNsD9h8t8EteBkXq%2F6ZsaPs%2B%2FeaN4WU450sVo3xaNjjJ59QaNk3HBGs9KCjoa3sZTM%2BMNlB0Yltl6FM%2FQqW6EGVb%2BMK19BJnzx3DeJ%2Fwbmg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=657&min_rtt=395&rtt_var=124&sent=509&recv=201&lost=0&retrans=1&sent_bytes=581138&recv_bytes=8810&delivery_rate=48406976&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=670&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-09d7-cb63-6841-4472.jpg
200 OK 23 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-09d7-cb63-6841-4472.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), default quality", baseline, precision 8, 250x345, components 3
First Seen 2024-04-21
Last Seen 2025-07-29
Times Seen 115
Size 23 kB (23084 bytes)
MD5 a9998a1b30320f7a6a09419de8cdf7c1
SHA1 9dd090170a53b3d07ef7961d5eb2c6aace755097
SHA256 8e3864c1822938dfaaf7570a895dce9db976e084e2466e621a977639ae7d5b40
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-09d7-cb63-6841-4472.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 23084
cf-ray: 9638df9d1b8c0b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=euobYAxNeAIGGUzVcxU7PUF1BPcwQnfz%2BIfpELOt6OnWzbSlbR7o%2Fiig%2FZdvZdOx7aR5lisuZCnci%2FD8u6Lxp4OxRWoeopIGREQA%2FWqA01o9xUoVIn2VQ2UkWfH5qQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=872&min_rtt=395&rtt_var=384&sent=860&recv=237&lost=0&retrans=1&sent_bytes=1007418&recv_bytes=8810&delivery_rate=48406976&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=702&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-c206-9594-0685-402a.jpg
200 OK 25 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-c206-9594-0685-402a.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-06-05
Last Seen 2025-07-29
Times Seen 19
Size 25 kB (24682 bytes)
MD5 d519a285a1abfdb58ed820c59a2f53e7
SHA1 f0b8968bcd3965791f963442a327485d2ddbb8c8
SHA256 e3433eba30bce1a388f941c012c78d708d68e01ab0039f069929c00e0427cb98
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-c206-9594-0685-402a.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 24682
cf-ray: 9638df9d6bec0b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gLgB0ZXhLDNMP%2Fjw764NTubX46ZLoCaDWQNevlsATi5uYPuFlqCZvVJRk8mY5L4dDQ%2BZZXssYxELnRihh1NWhnQWwZg6I6LOha1ZoDtrs62RuTpqET7qRJrjj4so1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1262&min_rtt=395&rtt_var=949&sent=1032&recv=268&lost=0&retrans=1&sent_bytes=1188554&recv_bytes=8810&delivery_rate=48406976&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=749&x=0"
X-Firefox-Spdy: h2
GET onflemme.com/favicon.ico
404 Not Found 1.3 kB URL
onflemme.com/favicon.ico
IP / ASN
104.21.24.16
#13335 CLOUDFLARENET
Requested by https://onflemme.com/?urli=stream-vf-0737-dba4-b3e8-4eb8.jpg
Resource Info
File type HTML document, ASCII text, with CRLF, LF line terminators
First Seen 2024-02-08
Last Seen 2025-08-02
Times Seen 44678
Size 1.3 kB (1251 bytes)
MD5 8150f458ed6fb9b1db4e5cfa57a1a281
SHA1 6e5726854d28687b560d7fdcb5c782c425c7dfb9
SHA256 4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896
Certificate Info
Issuer Google Trust Services
Subject onflemme.com
Fingerprint EC:7D:94:C5:A9:C5:10:71:E3:9F:58:6B:81:5E:5B:71:90:86:64:0C
Validity Sat, 05 Jul 2025 23:24:29 GMT - Sat, 04 Oct 2025 00:22:52 GMT
GET /favicon.ico HTTP/1.1
Host: onflemme.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://onflemme.com/?urli=stream-vf-0737-dba4-b3e8-4eb8.jpg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Wed, 23 Jul 2025 05:45:42 GMT
content-type: text/html
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
server: cloudflare
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=eE9RHz%2FOHFvVduFgZPfQbqcKnu6kbXTEs4XapTo%2BjetGDoQ5dtbP8o%2FbMiLnaov%2BgAjEJK1Wcmg1DS79BVMmdZ9f2kohXB4putU%3D"}]}
content-encoding: br
cf-ray: 9638df86dc3ab4f1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
200 OK 113 kB IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Resource Info
File type HTML document, Unicode text, UTF-8 text, with very long lines (451)
First Seen 2025-07-23
Last Seen 2025-07-23
Times Seen 1
Size 113 kB (112925 bytes)
MD5 6af1d8e7b93cd6c8f42b5b543bc1c97c
SHA1 3ec78abd8f8bef916c2c82ff78ca866d33f7ae5d
SHA256 d5d6a367bd4080ceaa2fef83d5889b2ce3f7b7893fc9e3674c42633d1e8aea2d
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET / HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://onflemme.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: text/html; charset=UTF-8
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=2uuLrn42sjCrxBoh%2B32PRQTj%2FfL6NkQnSU665OkTPSqwi%2FBk%2BLx%2FrE%2F6jZAjZaxTpzqqZSWT5sNNFvNtTcb2VthdXO%2F6fJMC3Q%3D%3D"}]}
vary: Accept-Encoding
server: cloudflare
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 9638df9999340b3d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-c8db-e63e-255c-4935.jpg
200 OK 11 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-c8db-e63e-255c-4935.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-06-30
Last Seen 2025-07-29
Times Seen 10
Size 11 kB (11427 bytes)
MD5 c1202e9f7c5601eb8b1eae0e1f84fb15
SHA1 ad1573500c4aa0f748232a2e8f2b3597ce17db3a
SHA256 e2af98467448aadcd3b4c896539b6d6acb12c8246eb89d647f383643aaba4161
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-c8db-e63e-255c-4935.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 11427
cf-ray: 9638df9cab0f0b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nlTDL0nZ5bYNy62WRWqUVWSgQCXa9O3K1ZydfkTUJlXpT2loE0uiyWHwxYGK8efbUSOFikW44SAGgr%2BNY8WhjujVe%2Be8IzJAqTsHRB6h43oqhq9yCK0swkv%2F3CGUzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=774&min_rtt=426&rtt_var=448&sent=156&recv=128&lost=0&retrans=1&sent_bytes=135418&recv_bytes=8096&delivery_rate=35553571&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=629&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/templates/flemmixnew/images/vostfr.png
200 OK 1.7 kB URL
flemmix.zip/templates/flemmixnew/images/vostfr.png
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type PNG image data, 30 x 20, 8-bit/color RGBA, non-interlaced
First Seen 2023-07-14
Last Seen 2025-07-29
Times Seen 45
Size 1.7 kB (1742 bytes)
MD5 9f14dc49caecb6f0a868f1ceaec98054
SHA1 b6889d8545f1ed88db534ea6f3ee8e4b232f0391
SHA256 af2d24e4bfe8d2d26d9517fe32a60df8a930e92886e2fcffe1c413985da763f7
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /templates/flemmixnew/images/vostfr.png HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/templates/flemmixnew/style/styles.css?v=9.919999
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 23 Jul 2025 05:45:46 GMT
content-type: image/png
content-length: 1742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WT9UoF4tCPEi%2BMqM3aEA%2FFBQMQguD0ehTmluCdisq0AhTTX0SrGMDobVJHdqbW05qAdSWuyWp38W%2FLWAGTVqmpURhGpX%2F9DbLYuo4RsdQK7ZEYhnAWU6knUctRZM4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
expires: Tue, 29 Jul 2025 01:02:55 GMT
last-modified: Wed, 16 Jul 2025 13:43:40 GMT
etag: "6ce-6877ac8c-a1d5ecafeea3380f;;;"
accept-ranges: bytes
x-turbo-charged-by: LiteSpeed
age: 104800
cf-cache-status: HIT
cf-ray: 9638dfa11feb5691-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3617&min_rtt=176&rtt_var=2887&sent=121&recv=161&lost=0&retrans=0&sent_bytes=15372&recv_bytes=10505&delivery_rate=681281&ss_exit_cwnd=15116&ss_exit_reason=2&cwnd=14000&unsent_bytes=0&cid=0c0cb8fa5c46c838&ts=1029&inflight_dur=67&x=40"
GET flemmix.zip/checkimg.php?urli=stream-vf-1658-56e8-c793-41a3.jpg
200 OK 20 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-1658-56e8-c793-41a3.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-07-23
Last Seen 2025-07-23
Times Seen 1
Size 20 kB (19638 bytes)
MD5 47d2d227857d20cccd9891c315aaeb87
SHA1 8f07ec2885fe8d2625d52d81dc8289a4b393d4b9
SHA256 3081a4f36c21e4b0386772d141b6bdb05df8099c97f9efbc7a8cc98c7420dae6
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-1658-56e8-c793-41a3.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 19638
cf-ray: 9638df9ceb580b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X1kTmqUv4YnBoqoOIlpc%2FQSnOdqrTX%2F5eaXtwMcT3f3IjNXybNCnXT%2BGKRkse58zbvS6j0UKfM%2BrV1kHzkhzSFz1p3oXEzKzBbJ09IpmxEJdNBbrrozup4o2djCjHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=697&min_rtt=395&rtt_var=174&sent=591&recv=204&lost=0&retrans=1&sent_bytes=683740&recv_bytes=8810&delivery_rate=48406976&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=675&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-1ba8-7be5-7557-43b6.jpg
200 OK 19 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-1ba8-7be5-7557-43b6.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-07-23
Last Seen 2025-07-23
Times Seen 1
Size 19 kB (19325 bytes)
MD5 6ca2d3dfafb54595ec89ca833d927fd8
SHA1 ee84fb57a65b95758a1fec32fdf046517d6e2d55
SHA256 baf11c842163cdc44001675b999b53922fd8fab9943d549932deeb0098b90ba7
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-1ba8-7be5-7557-43b6.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 19325
cf-ray: 9638df9cfb5f0b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SOQ4NbrNxwpfYY6LU5vRSbDuUWQzU0YWONtinriR%2B47mRKTuOPxtmmB3vyVVPYAqZy5vK5Z1DrtfjDLhqNgBK1k0DVa5aDBtKVBf5xMbyK8LQbGT0kH3Ix8p3yJubQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=697&min_rtt=395&rtt_var=174&sent=558&recv=204&lost=0&retrans=1&sent_bytes=640927&recv_bytes=8810&delivery_rate=48406976&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=674&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/templates/flemmixnew/images/vf.png
200 OK 217 B URL
flemmix.zip/templates/flemmixnew/images/vf.png
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type PNG image data, 30 x 20, 8-bit colormap, non-interlaced
First Seen 2023-07-14
Last Seen 2025-07-29
Times Seen 75
Size 217 B (217 bytes)
MD5 cead6dc76790e05172de6cb9f4ac2498
SHA1 a9b16fb67eb3af6332c009149b2058c2a29bf8a9
SHA256 5c844c855fa960c45d6311d5498f9f501856b83442499dea6bdd207f1221a780
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /templates/flemmixnew/images/vf.png HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/templates/flemmixnew/style/styles.css?v=9.919999
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 23 Jul 2025 05:45:46 GMT
content-type: image/png
content-length: 217
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9IsxvfMD7F%2BXebsJ6NpvWV36n94HsDtGk%2Bt%2BVTzd%2Fq7q01foIm80jbbrJbemhBpSDCPhfjJhECg3fXl%2BIqzS3CJ3ToM4L0k%2FoUraQsWoA26TVNh6M7a6lnMQPZe3yQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
expires: Tue, 29 Jul 2025 01:02:55 GMT
last-modified: Wed, 16 Jul 2025 13:43:40 GMT
etag: "d9-6877ac8c-80cd003f7fd3845d;;;"
accept-ranges: bytes
x-turbo-charged-by: LiteSpeed
age: 104800
cf-cache-status: HIT
cf-ray: 9638dfa11fea5691-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3617&min_rtt=176&rtt_var=2887&sent=123&recv=161&lost=0&retrans=0&sent_bytes=17897&recv_bytes=10505&delivery_rate=681281&ss_exit_cwnd=15116&ss_exit_reason=2&cwnd=14000&unsent_bytes=0&cid=0c0cb8fa5c46c838&ts=1031&inflight_dur=67&x=40"
GET flemmix.zip/checkimg.php?urli=stream-vf-c420-b0ca-cc26-4eb4.jpg
200 OK 17 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-c420-b0ca-cc26-4eb4.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-06-01
Last Seen 2025-07-29
Times Seen 18
Size 17 kB (17119 bytes)
MD5 25acb22a148caee020aecac5f7466f55
SHA1 231311f97d2e596a2cffc6d581226dc0bfd32d02
SHA256 e265e04488c17aef757a50374c8ed2f6754cf6f004123d63f0e25f1cc0b81e3f
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-c420-b0ca-cc26-4eb4.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 17119
cf-ray: 9638df9c9b080b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9gxrL2zNn0YHlQmrceORK23QNKU1zFIc4a2RawTkW%2F9fuBof0Hnsg0tcvg0CddNxV%2FPo%2B4hC2BFGkjfJzwHo2DCRaD%2FCWx4K4gP9o5Xx6hmxSe3bPMMSiIQlHBUGNA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1668&min_rtt=447&rtt_var=1659&sent=109&recv=105&lost=0&retrans=1&sent_bytes=79819&recv_bytes=7992&delivery_rate=23381776&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=620&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-63a3-c677-fec6-4f6c.jpg
200 OK 13 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-63a3-c677-fec6-4f6c.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-06-19
Last Seen 2025-07-29
Times Seen 11
Size 13 kB (13360 bytes)
MD5 c883b82bd7e5bbed5e4b1220d95f3470
SHA1 8d427abb6cd5f47c1a3590760306065cbd656412
SHA256 63a17d59355df9cce94f58599d119fd6367c7f40d24273edf5bfc0edd190aa98
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-63a3-c677-fec6-4f6c.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 13360
cf-ray: 9638df9cbb1a0b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KnBT3EdGqVxJs2kUlhsHJOxA5SzCz70f93Z1Cpk6E%2BdizQUlKI8c92IOgJoW%2FOwKKexBpuYAvsoApkypiuSTqvCoT8d9tw9W7lL5378hqWL8TSioG7H%2BWzsi3%2BGGYg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=879&min_rtt=426&rtt_var=378&sent=200&recv=147&lost=0&retrans=1&sent_bytes=191702&recv_bytes=8514&delivery_rate=35553571&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=634&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-f2fb-3fa0-b07e-4e7f.jpg
200 OK 10 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-f2fb-3fa0-b07e-4e7f.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-03-15
Last Seen 2025-07-29
Times Seen 19
Size 10 kB (10094 bytes)
MD5 72310c3de50a0704acfc21b7cdc12e40
SHA1 aef9ff3c7029ebcda50ab300cb47c6b7b34e491f
SHA256 ef724e669d62a2b2372f2625d7737509d6ddd2f42ebd1689e6eee1f0efae0d6b
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-f2fb-3fa0-b07e-4e7f.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 10094
cf-ray: 9638df9ccb3a0b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uMDEm124zi895ChYNuLEVNU2PweIjbPEABMX9vhnoL%2B9d5hSR9zCj2HncxkssKPWU2zUftR6lu%2FLWn%2Bp4GSnOuRdEndxW92ZOjXGQ08eHdfYReMuJ734hRHjshZPfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=683&min_rtt=395&rtt_var=132&sent=406&recv=184&lost=0&retrans=1&sent_bytes=454721&recv_bytes=8810&delivery_rate=42436944&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=657&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-6759-96eb-0736-4810.jpg
200 OK 11 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-6759-96eb-0736-4810.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-07-05
Last Seen 2025-07-29
Times Seen 8
Size 11 kB (10665 bytes)
MD5 05e462580877787b830e01105ead7530
SHA1 3f879b41e41de015616bf1cfc04fabe5596f7518
SHA256 60717239fd16f1ff2f2b75a5302a0bdf38528246aba5331c8470dd397bc39a81
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-6759-96eb-0736-4810.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 10665
cf-ray: 9638df9ceb540b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YWOESvY0UyQfcnlp4zrnBjOVeeoRHxpTnFyo%2FOGfGOEx4j8LQAOvH5ptPkoVTseDVNa%2Fd4ZfCgxrVlDwOmEAVQvumtzAlLCWYK74JuoxdncPnJthI%2BmyfthbxfPSKw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=661&min_rtt=395&rtt_var=66&sent=483&recv=198&lost=0&retrans=1&sent_bytes=553732&recv_bytes=8810&delivery_rate=48406976&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=666&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-ebd0-12a7-b3bb-4d00.jpg
200 OK 19 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-ebd0-12a7-b3bb-4d00.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), default quality", baseline, precision 8, 250x345, components 3
First Seen 2023-05-11
Last Seen 2025-07-29
Times Seen 118
Size 19 kB (19374 bytes)
MD5 efdc1747847ebab9033351952f8596bf
SHA1 089572331d1af5e3670920964a42fffc1074fce7
SHA256 5992beef2a7c38f49b981c377ab1bb8daf2e2e27cdd61aeeefbc57e51fb86984
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-ebd0-12a7-b3bb-4d00.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 19374
cf-ray: 9638df9d1b890b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AAoUpAsZjlzAQs3x2j6tFqlqucY2jeIchPRUsW2dC0sKHoSTnFr8LMMxhxBmq%2B22AeY8KbE35FM78Mbr2kk%2FwYwcu0PY1%2FrHsr5cy%2BDHE1N4jD6mWK6R8wJj3yGluw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=872&min_rtt=395&rtt_var=384&sent=804&recv=237&lost=0&retrans=1&sent_bytes=945584&recv_bytes=8810&delivery_rate=48406976&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=694&x=0"
X-Firefox-Spdy: h2
GET ou.larkishhaggy.com/rqh1v612Qc0WVs3/42662
200 OK 5 B URL
ou.larkishhaggy.com/rqh1v612Qc0WVs3/42662
IP / ASN
23.109.170.98
#7979 SERVERS-COM
Requested by https://flemmix.zip/
Resource Info
File type ASCII text, with no line terminators
First Seen 2025-04-24
Last Seen 2025-08-02
Times Seen 2064
Size 5 B (5 bytes)
MD5 848667c49f5d3aef59cd65ed276cd7ae
SHA1 bd12c0ca2dfaa249586f1b9b8d48b02a1b9e3763
SHA256 cc5a5851251dd8052292557ba0231c51363ff1474f60b7a4af3be144cb1327c8
Certificate Info
Issuer Let's Encrypt
Subject ou.larkishhaggy.com
Fingerprint 92:47:C0:A0:84:DC:6D:97:08:D8:CF:53:28:2E:ED:BE:AE:96:BA:02
Validity Thu, 17 Jul 2025 06:51:51 GMT - Wed, 15 Oct 2025 06:51:50 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /rqh1v612Qc0WVs3/42662 HTTP/1.1
Host: ou.larkishhaggy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Jul 2025 05:45:45 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://flemmix.zip
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9zV1OhDAcBHC%2BWdcFnYQDeASKQHj1xSv4SAr9g3Wh3ZQKensbE32bTH6T8TwvKB7g78kZ4Sdv8MRY13Z1U3VlPXa8GoaubZtyaLqSVc00NbiTW2%2F5sJCNcNpWbmxv9wiXmRQZOfajFpTh0am%2F5qr0oSLEg%2BFKZIhXJ5YM6WD0sZEpQkSKr4T0VRqa9JcT%2FEMbhOy5dlkql%2F0Sgd6KMD8jfZNKuGV%2BQcDKPE883N8Wbidt1l6KxEc8Gy4I%2FgtOI7c0a%2FONVNB2tfoG6EX0%2F%2F73ODxYiUTQLkdCrO07mR%2B4dk3m; expires=Thu, 24-Jul-2025 05:45:45 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Thu, 24-Jul-2025 05:45:45 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
GET flemmix.zip/checkimg.php?urli=stream-vf-e8a4-5018-25e8-46ed.jpg
200 OK 23 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-e8a4-5018-25e8-46ed.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-06-01
Last Seen 2025-07-29
Times Seen 18
Size 23 kB (23265 bytes)
MD5 92da9bb6f3e0c0810ffe17ef7c70e220
SHA1 880f9a7890c57d50dc1ee1da557899d2802eba5a
SHA256 d7b396f4bb4030a467a1ee28f9242161a2fc9f652e4bd8d13a9c0c949287195e
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-e8a4-5018-25e8-46ed.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 23265
cf-ray: 9638df9ccb2d0b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=68ciUBkIFcREEnmdicOgNkxhIVEqVyj28PAu2nzrkvAmQuAWxHLce8SurmiEbXbU6YmqV9%2FJInaGp3Hm0xm7fhYo8WJBfYk6xU2a2DBHBFuLdSYPErd9LV3gUzP8qQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=633&min_rtt=395&rtt_var=98&sent=346&recv=176&lost=0&retrans=1&sent_bytes=379955&recv_bytes=8810&delivery_rate=42436944&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=650&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-1714-d87f-3ae5-4926.jpg
200 OK 17 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-1714-d87f-3ae5-4926.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-07-23
Last Seen 2025-07-23
Times Seen 1
Size 17 kB (17293 bytes)
MD5 e6050524848d1ee10ed4655d94505ecd
SHA1 7d6403ea1c2b08bb65b8da015e2cf803cbe39a64
SHA256 c9d01dba6b7829c397030a2b888d86f4a684d570a877f4f37e5e83b320855e33
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-1714-d87f-3ae5-4926.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 17293
cf-ray: 9638df9cfb610b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fxiu%2BI%2FeKnydpSwMWk6gKDrpS0gXG96c1m9kMbP155O2sJe8PYLPQcMe6ju%2B3pEblBmsM2gVxf%2BXw8bIUOKoUjRDBVU%2BIBkQsSioAj8WKtulcDwJC1u0Hsp3ZEuDIw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=697&min_rtt=395&rtt_var=174&sent=568&recv=204&lost=0&retrans=1&sent_bytes=654257&recv_bytes=8810&delivery_rate=48406976&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=674&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-afc9-28fb-e55e-48c2.jpg
200 OK 16 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-afc9-28fb-e55e-48c2.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2023-05-11
Last Seen 2025-07-29
Times Seen 117
Size 16 kB (15998 bytes)
MD5 e52b506dedcc9333efc466eab71d423d
SHA1 fdaff97abbd93adaa2800fafb7bdac714c1e902b
SHA256 6f2429e75d445fead399793db696fea79b5189b42b13d2d2d1ef1d2d6439338f
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-afc9-28fb-e55e-48c2.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 15998
cf-ray: 9638df9d0b840b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZQ7JosfrQi0CXeRsAGQ4eA7Ut6oSInwixHhr7P0HKwk2JsEABuSBPLg4gqUR8%2By9u1ubK537mg0qLsyD5HWsPb1g5jXc32C3UcmcSubQ8Es5TUjAH63xFIu2TSLhaw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=978&min_rtt=395&rtt_var=536&sent=771&recv=234&lost=0&retrans=1&sent_bytes=906394&recv_bytes=8810&delivery_rate=48406976&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=689&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/templates/flemmixnew/style/owl.theme.default.min.css
200 OK 1.0 kB URL
flemmix.zip/templates/flemmixnew/style/owl.theme.default.min.css
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type ASCII text, with very long lines (846)
First Seen 2023-04-05
Last Seen 2025-08-02
Times Seen 6847
Size 1.0 kB (1013 bytes)
MD5 594b81805a98b267e47c70a8fad30d9f
SHA1 684d84ec40b305ca14efc88c91f12972cb6342b4
SHA256 924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /templates/flemmixnew/style/owl.theme.default.min.css HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: text/css; charset=UTF-8
content-length: 331
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: public, max-age=604800
expires: Tue, 29 Jul 2025 01:02:53 GMT
last-modified: Wed, 16 Jul 2025 13:43:43 GMT
etag: "3f5-6877ac8f-3100ec84cca67ac8;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
server: cloudflare
x-turbo-charged-by: LiteSpeed
age: 104801
cf-cache-status: HIT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=fhw5WtZplqaQzdH8iz43rsaCh%2BkKqi1K3WjBaEGgZZzo7ZeCS5oC22KpWI7SaQtREvQrmD6s%2FoTlkUn3lAQEx5B9%2F51WXjmvOA%3D%3D"}]}
cf-ray: 9638df9c9b050b3d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET flemmix.zip/checkimg.php?urli=stream-vf-e681-9844-0f40-4763.jpg
200 OK 22 kB URL
flemmix.zip/checkimg.php?urli=stream-vf-e681-9844-0f40-4763.jpg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 250x345, components 3
First Seen 2025-07-05
Last Seen 2025-07-29
Times Seen 9
Size 22 kB (21950 bytes)
MD5 a3717369cd511e3aed8c320b58b55e82
SHA1 46bd07e2ae3eb7bf13fef6e1aca8f57e2b6a649d
SHA256 2c8c51635f3c5e202ceb6c76fd00d58ce494555f23ff2ce2a4335e54e04b83ea
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checkimg.php?urli=stream-vf-e681-9844-0f40-4763.jpg HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: image/jpeg
content-length: 21950
cf-ray: 9638df9cab100b3d-OSL
cache-control: public, max-age=604800
expires: Wed, 30 Jul 2025 06:09:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QH1kJ5lDUV8lh44fSNQyjL%2BgJnYeGCe1XIMWqaJZ72qh9S1M2YVdh6%2BHNedlaNaiKt9Hze4BxOKX%2BfK0KnUi4UiNVFS1rDEYOXErtJsLrMNx9Na1RLsMZkpzxicotQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=774&min_rtt=426&rtt_var=448&sent=144&recv=128&lost=0&retrans=1&sent_bytes=120661&recv_bytes=8096&delivery_rate=35553571&cwnd=257&unsent_bytes=0&cid=5c093dc489849f44&ts=629&x=0"
X-Firefox-Spdy: h2
GET flemmix.zip/templates/flemmixnew/style/styles.css?v=9.919999
200 OK 39 kB URL
flemmix.zip/templates/flemmixnew/style/styles.css?v=9.919999
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://flemmix.zip/
Resource Info
File type Unicode text, UTF-8 text
First Seen 2025-05-11
Last Seen 2025-07-29
Times Seen 24
Size 39 kB (39178 bytes)
MD5 4d2f1a991a7ede93a4440cd064b5bbfe
SHA1 91b823d4cefdf7103cd8e039e6ff6d10a4ff37e7
SHA256 10cc5d52a8534e2ab5919eefa868ec0a6aa80c26fd359d923f239dded9a2c105
Certificate Info
Issuer CLOUDFLARE, INC.
Subject flemmix.zip
Fingerprint 2A:2F:28:12:69:34:F8:DE:34:F3:D4:6F:CA:CD:B5:7E:8E:F3:BE:1E
Validity Wed, 16 Jul 2025 13:00:56 GMT - Tue, 14 Oct 2025 13:09:21 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /templates/flemmixnew/style/styles.css?v=9.919999 HTTP/1.1
Host: flemmix.zip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flemmix.zip/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 23 Jul 2025 05:45:45 GMT
content-type: text/css; charset=UTF-8
content-length: 7059
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: public, max-age=604800
expires: Tue, 29 Jul 2025 01:02:53 GMT
last-modified: Wed, 16 Jul 2025 13:43:44 GMT
etag: "990a-6877ac90-405f6fcff722b7f1;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
server: cloudflare
x-turbo-charged-by: LiteSpeed
age: 104801
cf-cache-status: HIT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=eamOoFkCI2bEnUvEW5A%2BNCIyv4GTnnf5ZOHdaprd%2BGdGJEwKVNV7zI%2BcaiiSowwxZDBfWttJF0WtqRxy%2FoS0hHjDh1oAd4FQ%2Bw%3D%3D"}]}
cf-ray: 9638df9c8af70b3d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
