{"report_id":"f3756b1a-848b-4d36-b1d9-1fa65c029fcc","version":6,"status":"done","tags":[],"date":"2025-11-27T10:41:03Z","url":{"schema":"http","addr":"immediate-evex.com/","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"immediate-evex.com/","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"title":"Immediate Evex ™ | The Official \u0026 Updated Website 2025 🥇","dom":{"size":63333,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (3359)","md5":"a0eda988e361959f201f06c406646840","sha1":"32fc8ade03e767a147c8955f1602b3991404f2ad","sha256":"5428d4a4cdbfd4d5adc64c77d98601dd40e6eec941e0c98c0135805baa2f497b","sha512":"e177352861243804db1b9acee763d7e2415e131d71198d75cab9c39917a7961e287bd7aec81a2aa313e567ac56550dbfe912407d8c7f70289774163ba8faab6a","ssdeep":"1536:rrigSbk/Qhq+yinnsMkNsZyOiYfbxBnmkyM/:r3QjnmkyM/","tlshash":"0053eb3225f11e2e029380c972242a8defb5894f93674949799d47871fc2de38977f9c","dom_hash":"domhash36adb9120daf5fe2ba0acc06c3a08bb2","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"immediate-evex.com/","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-01T10:41:03Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":5}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"immediate-evex.com","ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2023-08-23","domain_rank":0,"first_seen":"2025-11-27T10:41:03.969916Z","last_seen":"2025-11-27T10:41:03.969916Z","alert_count":235,"request_count":47,"received_data":913365,"sent_data":22235,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-11-23T22:13:29.69009Z","alert_count":0,"request_count":2,"received_data":17367,"sent_data":1080,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-11-23T22:13:43.05661Z","alert_count":0,"request_count":1,"received_data":6679,"sent_data":477,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"immediate-evex.com/","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"d340024e4734e72c0555fc2a541e74a1","sha1":"995e53f4089e42f677947a6f48e5ff2a25ed9ab0","sha256":"8a04e32acd55cec723824bb94592371f3dc9ab66e579560075bd3c8e54efb9a6","sha512":"86a412db921513f86162b7864a0002032b11a6e4514b079ea5a81bc8299c46b5d1a1feaf8199b976b9a8b24257322822fed38cdffbc32c1575a242bcc39854a3","ssdeep":"","tlshash":"537000cc003c000000330300c03f00300c000c3f000cf30cfc0cc0c000cc0000030c00","size":19,"data":"","first_seen":"2023-07-02T07:28:12Z","last_seen":"2026-04-06T08:09:04.989229Z","times_seen":550,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"immediate-evex.com/static/assets/app-6256b172.js","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3e2d482771a47ba9b3a2bce1db19e0d2","sha1":"3509e9194d4a793ffd94a62ff64826a7591d35b9","sha256":"b1dc3a468eb8949e17762628c68205ee4ffad52ec1cdbe48e3456bf96c1c9603","sha512":"1036b1306e9b1233246ad2247e7573fa7c9831e7115445cb42e48c8c60b6eb5085170e0aa0d435ea3b6aaf93219657e494b0d554c58da6cebdd509693c5eb953","ssdeep":"384:uKWwubIJr3oQIrcUZhTnJ4NjEgcMq1Ta39F54Z/+w2fSX8BASBx72Lb43+KDYSlO:uKWwubIJrYQIrc4nJojEgg1aX4Zr2fSr","tlshash":"7672d5d6728174b20bae20dd407a5547f2281899f44ad06cf62d9dfd3d29c8a21b3f7c","size":16786,"data":"","first_seen":"2023-08-05T11:28:13Z","last_seen":"2026-04-06T08:09:04.978029Z","times_seen":291,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"immediate-evex.com/form.js","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"57222cd559e3a912092239fcdb6706de","sha1":"d65d9e06d224a9a7e22916dc04eae83d1f26d6c7","sha256":"81a17cfaf5731292df919a903727b86550d2a57e1ad29893dc693ef9c2013113","sha512":"2960f1e3b8cf8e96b65fb4875f6241db594a7862c5fe1cad5e5d859df03b780c49293e4f4bca9b89db0070bb6ad7556674ec1b8bb3672c23619cd10c1cf5c232","ssdeep":"3072:CtjnGnbliOU03o4PwjRSBZTLqstc3ikgKc0Njv1BfEQ3j:C56bliXR4ZT1toJgK5jv1BcQT","tlshash":"f1542cb7b5407b2b33b53a98aa27914fab8c4c52dc8dd09ca9efdcdf585041160bdb18","size":279475,"data":"","first_seen":"2023-11-27T07:36:46Z","last_seen":"2026-04-06T08:09:04.968777Z","times_seen":301,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"immediate-evex.com/","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ebc7f5f82eaf0d72fc8a26fbc8000373","sha1":"2a827a815d3d5fa9d3238c9159f4f4af9e0a7e02","sha256":"e5ce9dfe4654166829bf24d8ea5907448883be3ed668ed8b3a85bc7f316edd2d","sha512":"c2f933dbaf4dd287915022bf26500a3156cdd00819e4da91d3b73ced318f4d9d366559c75b45e0ad71fa897c2aed4b401da3e72d2e284c9b7424d301967477ab","ssdeep":"","tlshash":"f7f0ec3400b44036c113579739cf7ec0511114b7a14c9c99775f860eafba8b00d792d6","size":518,"data":"","first_seen":"2023-11-27T07:36:46Z","last_seen":"2026-04-06T08:09:04.988592Z","times_seen":294,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"immediate-evex.com/","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"af1b93af1acd7d0445a034f1189db7fa","sha1":"6da3e6a232c589bba587ca70ff28b52650d26276","sha256":"49246c311e933296183985354f49e4df6af3ce50733b57928200d6c22510b5f0","sha512":"3fa497529d3f3d3ddb26c70ca99e947e357c8ea2633b09c3ccb959ef5a11fa5c115f058d0434d7cc293d67f6b155a863a571348993b044deb9a25b364b9f09c3","ssdeep":"","tlshash":"99f0e94446fd10e0034fb27faaab5f863130408f60044e0a3e2c4fa47f65c755ac56e8","size":559,"data":"","first_seen":"2023-08-05T11:28:13Z","last_seen":"2026-04-06T08:09:04.989886Z","times_seen":301,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"immediate-evex.com/media/1796/conversions/_459_66166ec6968f9_immediate-evex-pro-photo%20(1).jpg","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://immediate-evex.com/","date":"2025-11-27T10:40:40.815Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediate-evex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 16:10:44 GMT","end":"Mon, 26 Jan 2026 17:08:24 GMT"},"fingerprint":{"sha1":"2F:11:FF:18:07:95:3D:C3:46:D3:A5:52:0A:B1:3F:BA:5F:3D:F9:F2","sha256":"0B:50:80:94:59:E0:B0:A9:CA:10:6C:A5:7E:7D:14:B8:18:A7:17:2B:E3:4F:2B:87:04:C8:21:9D:35:3C:3D:E6"}}},"request":{"raw":"GET /media/1796/conversions/_459_66166ec6968f9_immediate-evex-pro-photo%20(1).jpg HTTP/1.1\r\nHost: immediate-evex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediate-evex.com/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 27 Nov 2025 10:40:40 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 84073\r\nlast-modified: Fri, 10 Jan 2025 15:04:32 GMT\r\npriority: u=4,i=?0\r\netag: \"67813700-14869\"\r\nexpires: Mon, 26 Jan 2026 10:40:40 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oAeUCIYRtc1RXe%2FKE%2BaqBcuCilU1xFuA7LIBBKlDZHg2ptkAE7YBvheUaiax%2Bl8XMBI%2B3ux4tHz%2FTxVX61volhoKRHBXnyMP39PBUS0BBTM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a51023f1bd156ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":84073,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 459x459, components 3","md5":"9e5aaa7c95e5e57b9d993d3261b9fd3e","sha1":"a3a793a758d4823a853943a06c266981c3946c89","sha256":"037d37136a1720aff439d15c9e1729da000416c4fce28e0d8359bd51aeb9e68b","sha512":"855e5f4de9927c6db16224837db60495d5c587bc61bf98fce6a46746c6ce6b9f30573ddb532e05586a0101fd57637583ce046ff3c850f7dced530c08bfbc0c59","ssdeep":"1536:F1/K/rZFyPWfxIjo4YYqWcYdBkPdyR7AZgCiZOqcgeGr8COuJP1cnqsKv3H42YR:F1kr/IWpInqWtd4ZZFiwqcgioPtvo5R","tlshash":"de83122e8c227fd51b8f44fb09196e2452c04336e9eb1c4a7cddd969135a2ba7e037d1","first_seen":"2025-11-27T10:41:09.190666Z","last_seen":"2025-11-27T10:41:09.190666Z","times_seen":1,"resource_available":false,"data":null}},"time_used":225,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":81,"receive":144,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediate-evex.com/static/assets/app-6256b172.js","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://immediate-evex.com/","date":"2025-11-27T10:40:40.374Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediate-evex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 16:10:44 GMT","end":"Mon, 26 Jan 2026 17:08:24 GMT"},"fingerprint":{"sha1":"2F:11:FF:18:07:95:3D:C3:46:D3:A5:52:0A:B1:3F:BA:5F:3D:F9:F2","sha256":"0B:50:80:94:59:E0:B0:A9:CA:10:6C:A5:7E:7D:14:B8:18:A7:17:2B:E3:4F:2B:87:04:C8:21:9D:35:3C:3D:E6"}}},"request":{"raw":"GET /static/assets/app-6256b172.js HTTP/1.1\r\nHost: immediate-evex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediate-evex.com/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 27 Nov 2025 10:40:40 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\nlast-modified: Fri, 10 Jan 2025 15:04:32 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Mon, 26 Jan 2026 10:40:40 GMT\r\ncache-control: public, max-age=5184000\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\netag: W/\"67813700-4192\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=u%2BbmPXSTiN%2FHTCiG3AQ6Ect48VK4Y5iypg7Kn5IHDted8peN0mC%2Fzt7Rbq3f9VqxEvLhM00Y1IZXn1QOmtZBm1xdWke5Gzr8sWGRrGggjbo%3D\"}]}\r\ncf-ray: 9a51023c2b8956ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16786,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3636)","md5":"3e2d482771a47ba9b3a2bce1db19e0d2","sha1":"3509e9194d4a793ffd94a62ff64826a7591d35b9","sha256":"b1dc3a468eb8949e17762628c68205ee4ffad52ec1cdbe48e3456bf96c1c9603","sha512":"1036b1306e9b1233246ad2247e7573fa7c9831e7115445cb42e48c8c60b6eb5085170e0aa0d435ea3b6aaf93219657e494b0d554c58da6cebdd509693c5eb953","ssdeep":"384:uKWwubIJr3oQIrcUZhTnJ4NjEgcMq1Ta39F54Z/+w2fSX8BASBx72Lb43+KDYSlO:uKWwubIJrYQIrc4nJojEgg1aX4Zr2fSr","tlshash":"7672d5d6728174b20bae20dd407a5547f2281899f44ad06cf62d9dfd3d29c8a21b3f7c","first_seen":"2023-08-05T11:28:13Z","last_seen":"2026-04-06T08:09:04.978029Z","times_seen":291,"resource_available":true,"data":null}},"time_used":233,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":170,"receive":63,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediate-evex.com/media/1793/conversions/45_45_45__66166e861b21e_immediateevex-logo.webp","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://immediate-evex.com/","date":"2025-11-27T10:40:40.375Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediate-evex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 16:10:44 GMT","end":"Mon, 26 Jan 2026 17:08:24 GMT"},"fingerprint":{"sha1":"2F:11:FF:18:07:95:3D:C3:46:D3:A5:52:0A:B1:3F:BA:5F:3D:F9:F2","sha256":"0B:50:80:94:59:E0:B0:A9:CA:10:6C:A5:7E:7D:14:B8:18:A7:17:2B:E3:4F:2B:87:04:C8:21:9D:35:3C:3D:E6"}}},"request":{"raw":"GET /media/1793/conversions/45_45_45__66166e861b21e_immediateevex-logo.webp HTTP/1.1\r\nHost: immediate-evex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediate-evex.com/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 27 Nov 2025 10:40:40 GMT\r\ncontent-type: image/webp\r\ncontent-length: 1898\r\nlast-modified: Fri, 10 Jan 2025 15:04:32 GMT\r\npriority: u=4,i=?0\r\netag: \"67813700-76a\"\r\nexpires: Mon, 26 Jan 2026 10:40:40 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oBejVmGj8TO6tsqdbavVmsLFQKH24x7ymcIZJ5Q2GGPZJxuWLejiHnPX7kuxvffTtTruDTjnurPKZvwmP38Vn9d55D407kPSQsvEwCzkWe0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a51023c2b8a56ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1898,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"27f34da0567b56a66ceb7732b2f8c0f2","sha1":"ee56960aea51db6df1c062eceafac41726f8ef2b","sha256":"efdde88b4d278a620a5526ffdd5c7f2288c96fe1d419b685fd2274f3cd2b7ed4","sha512":"3c3b62b5b53e821693935c929e64de32657e3b5b1a90739d31aa15d993edfa53088fab3f824c13ce3c584be3ce7df60e4b63054605bdc7b8eeecca8598628ea6","ssdeep":"","tlshash":"7f41f92411316dc6c61742813139f145e7fabd2e9a3fe569d6960673d49214de3e28e0","first_seen":"2025-11-27T10:41:09.192566Z","last_seen":"2025-11-27T10:41:09.192566Z","times_seen":1,"resource_available":false,"data":null}},"time_used":169,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":169,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediate-evex.com/flags/en.png","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://immediate-evex.com/","date":"2025-11-27T10:40:40.377Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediate-evex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 16:10:44 GMT","end":"Mon, 26 Jan 2026 17:08:24 GMT"},"fingerprint":{"sha1":"2F:11:FF:18:07:95:3D:C3:46:D3:A5:52:0A:B1:3F:BA:5F:3D:F9:F2","sha256":"0B:50:80:94:59:E0:B0:A9:CA:10:6C:A5:7E:7D:14:B8:18:A7:17:2B:E3:4F:2B:87:04:C8:21:9D:35:3C:3D:E6"}}},"request":{"raw":"GET /flags/en.png HTTP/1.1\r\nHost: immediate-evex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediate-evex.com/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 27 Nov 2025 10:40:40 GMT\r\ncontent-type: image/png\r\ncontent-length: 1767\r\nlast-modified: Fri, 10 Jan 2025 15:04:32 GMT\r\npriority: u=4,i=?0\r\netag: \"67813700-6e7\"\r\nexpires: Mon, 26 Jan 2026 10:40:40 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7HX2ds2oG2lfvlH2AAv2CcEtJqRZrCspGJfEKo%2BEb5SGfMVyDYJJ1JkQdIPKY7dCCDN8WTjVHrJJAmiayxa2FBKp0Jwzt%2BXSqik%2FtviF2kI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a51023c2b8c56ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1767,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"ec7233b5c80e5db85f7733b2ec25203f","sha1":"d4c36fff06dc7d920b10eb13b58ea9cd9321b430","sha256":"347ee97a492f79675749d03533810ff899ee6a784b4e156f3e0a7613cdfb3d40","sha512":"89e59fa7fdef1f61485176467fd127acf55424aefcf78aca5c3944e59f0b802591587c9d90c4ff158f955b74798e933b41c84fd0d3842fa4600ec8b583c113b4","ssdeep":"","tlshash":"693109cf0b91610bd9cba7827ca71c17366659d422a7be1b4bda0dcc7f85c2ad004e38","first_seen":"2023-04-08T21:50:50Z","last_seen":"2026-04-06T08:09:04.958449Z","times_seen":5521,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediate-evex.com/flags/uk.png","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://immediate-evex.com/","date":"2025-11-27T10:40:40.409Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediate-evex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 16:10:44 GMT","end":"Mon, 26 Jan 2026 17:08:24 GMT"},"fingerprint":{"sha1":"2F:11:FF:18:07:95:3D:C3:46:D3:A5:52:0A:B1:3F:BA:5F:3D:F9:F2","sha256":"0B:50:80:94:59:E0:B0:A9:CA:10:6C:A5:7E:7D:14:B8:18:A7:17:2B:E3:4F:2B:87:04:C8:21:9D:35:3C:3D:E6"}}},"request":{"raw":"GET /flags/uk.png HTTP/1.1\r\nHost: immediate-evex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediate-evex.com/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 27 Nov 2025 10:40:40 GMT\r\ncontent-type: image/png\r\ncontent-length: 574\r\nlast-modified: Fri, 10 Jan 2025 15:04:32 GMT\r\npriority: u=4,i=?0\r\netag: \"67813700-23e\"\r\nexpires: Mon, 26 Jan 2026 10:40:40 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MrTUy%2Bkh9M5ZtfcuiY%2BA7XJoZDtrFBiJRX88pVySMtrE5TYj%2BhDiE8g4muUXV4QKDIITVoDHJTMoWw0h2RBuqRoMvf5b43729588vonspRc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a51023c4bad56ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":574,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"e2b587a3b15e34cb226afa3e572af279","sha1":"192d98c5d5d5b34123e8717c38b6733d8f7e5648","sha256":"4ec4c568d064866640e472adfb0b9f0f11162a94f179ea925f7b50cfe60fc470","sha512":"c7caf5055a177aeb344248c67aa4252c8864be09220523285ce4d3eaab9de757f93458e6e314655c1a2448879a87fe460dae2869f6c7ac9e6931c998e61f461a","ssdeep":"","tlshash":"d5f0e1e965101c78d51554d137a509b6da371d588aa20d6440648cbfaebc9c613aa163","first_seen":"2023-05-07T21:05:59Z","last_seen":"2026-04-06T08:09:04.976787Z","times_seen":412,"resource_available":false,"data":null}},"time_used":155,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":155,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediate-evex.com/action/click","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://immediate-evex.com/","date":"2025-11-27T10:40:40.899Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediate-evex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 16:10:44 GMT","end":"Mon, 26 Jan 2026 17:08:24 GMT"},"fingerprint":{"sha1":"2F:11:FF:18:07:95:3D:C3:46:D3:A5:52:0A:B1:3F:BA:5F:3D:F9:F2","sha256":"0B:50:80:94:59:E0:B0:A9:CA:10:6C:A5:7E:7D:14:B8:18:A7:17:2B:E3:4F:2B:87:04:C8:21:9D:35:3C:3D:E6"}}},"request":{"raw":"POST /action/click HTTP/1.1\r\nHost: immediate-evex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 2\r\nOrigin: https://immediate-evex.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediate-evex.com/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":2,"data":"{}"}},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 27 Nov 2025 10:40:41 GMT\r\ncontent-type: application/json\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CM3YoX3e3tI53sLjHE3U0HL3RygoFk%2BFW2ylz6paPuO4WD1wqgkd8d0xg3HVMBYxw53opJazyq%2FDtN8AGok%2Bh6uEXy3oRWu2Oi%2F2EwG%2BcTE%3D\"}]}\r\npriority: u=3,i=?0\r\naccess-control-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a51023f9bd556ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":66,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"3caefed738a9a4e475d7d8d73da82114","sha1":"57354300269844f34fa401440efff801be1e3559","sha256":"502523d18f0ce17dc20b72f84ca8541662958467e3c31d596e5a67334fe33b58","sha512":"1c4c14844bc239bedea7fb4732fee2a7b16703eec40a77647c26590762076e79b1e3ea694e647ba4df2220927b1a3a716e6ab8d8fe44840863b7533afcf738fa","ssdeep":"","tlshash":"eca022833028032828888080cc00a2a803300300cf32002380200802022c2a82382a28","first_seen":"2025-11-27T10:41:09.194972Z","last_seen":"2025-11-27T10:41:09.194972Z","times_seen":1,"resource_available":false,"data":null}},"time_used":559,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":559,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediate-evex.com/flags/zh-TW.png","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://immediate-evex.com/","date":"2025-11-27T10:40:40.379Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediate-evex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 16:10:44 GMT","end":"Mon, 26 Jan 2026 17:08:24 GMT"},"fingerprint":{"sha1":"2F:11:FF:18:07:95:3D:C3:46:D3:A5:52:0A:B1:3F:BA:5F:3D:F9:F2","sha256":"0B:50:80:94:59:E0:B0:A9:CA:10:6C:A5:7E:7D:14:B8:18:A7:17:2B:E3:4F:2B:87:04:C8:21:9D:35:3C:3D:E6"}}},"request":{"raw":"GET /flags/zh-TW.png HTTP/1.1\r\nHost: immediate-evex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediate-evex.com/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 27 Nov 2025 10:40:40 GMT\r\ncontent-type: image/png\r\ncontent-length: 870\r\nlast-modified: Fri, 10 Jan 2025 15:04:32 GMT\r\npriority: u=4,i=?0\r\netag: \"67813700-366\"\r\nexpires: Mon, 26 Jan 2026 10:40:40 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LE3Sd0io6cJNmu8Lyat5GnjzC2bdoGSaEjYDwA1peVPGsxT6R6lp9ETCluILE11m0ArA5MdQ%2FwlEd%2FY0eW2WyOadTphRFJDwXwwr3%2BdvtU0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a51023c2b8e56ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":870,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"2a2b643bc15c7363c9e58e6b47d7de30","sha1":"506ab44f76022397b3aa9682e8972d7944703d54","sha256":"c63293f5412adc096b8e492e88b8d8edfca5367a491acdd9071ef8d31b4ba9a1","sha512":"a742115cc74831e58f2607fda3ecdf88d8a01d1f9f19d784e1c46a24f9dc23f3a8b5f11251b1c6c911a53a18ee3a01d841e82952f7ab97fcc44b2a0673238e43","ssdeep":"","tlshash":"1f1196ca2450d5d7c2ea12e389ee4b452b4f4afc28560d886c151ab511df1d740e4710","first_seen":"2023-06-10T08:53:38Z","last_seen":"2026-04-06T08:09:04.978628Z","times_seen":4085,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediate-evex.com/flags/ko.png","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://immediate-evex.com/","date":"2025-11-27T10:40:40.394Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediate-evex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 16:10:44 GMT","end":"Mon, 26 Jan 2026 17:08:24 GMT"},"fingerprint":{"sha1":"2F:11:FF:18:07:95:3D:C3:46:D3:A5:52:0A:B1:3F:BA:5F:3D:F9:F2","sha256":"0B:50:80:94:59:E0:B0:A9:CA:10:6C:A5:7E:7D:14:B8:18:A7:17:2B:E3:4F:2B:87:04:C8:21:9D:35:3C:3D:E6"}}},"request":{"raw":"GET /flags/ko.png HTTP/1.1\r\nHost: immediate-evex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediate-evex.com/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 27 Nov 2025 10:40:40 GMT\r\ncontent-type: image/png\r\ncontent-length: 1361\r\nlast-modified: Fri, 10 Jan 2025 15:04:32 GMT\r\npriority: u=4,i=?0\r\netag: \"67813700-551\"\r\nexpires: Mon, 26 Jan 2026 10:40:40 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AQJO3GcVZ9kaemzygSkUQQt9fHpNG1A%2BLcwIvNOeOqhMnrFgvesuhZxLklvBN99VZ4UGfuVnsH8k8GJryfhKhtcUy%2FMFU2TbYDKfHBuPIh4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a51023c3b9f56ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1361,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"ed87e4c8a4dd16c9c3f8499a0aaa28bd","sha1":"f818a0782047c159ed8e5cd041ad7f09e8fe52fb","sha256":"eb59eb7dcf155a7b38c8f4c9db869ed942bf55a4457e3f4ff0791be4f2c736d5","sha512":"bcf1992bfb1d0ed92e4393e0b85fe5c768ed29285d38a259d0cfb60827537b74d39a925cfc4df58ed8b478d5015fad047a211ec2ddffa5a69b0d08f5abcdab6e","ssdeep":"","tlshash":"05210bad1b7c302cd6f9c5799909fb01ddfb04040c9fa1c59129d6cc28c588b70d5436","first_seen":"2023-05-07T21:05:59Z","last_seen":"2026-04-06T08:09:04.954543Z","times_seen":4216,"resource_available":false,"data":null}},"time_used":159,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":159,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediate-evex.com/flags/no.png","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://immediate-evex.com/","date":"2025-11-27T10:40:40.397Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediate-evex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 16:10:44 GMT","end":"Mon, 26 Jan 2026 17:08:24 GMT"},"fingerprint":{"sha1":"2F:11:FF:18:07:95:3D:C3:46:D3:A5:52:0A:B1:3F:BA:5F:3D:F9:F2","sha256":"0B:50:80:94:59:E0:B0:A9:CA:10:6C:A5:7E:7D:14:B8:18:A7:17:2B:E3:4F:2B:87:04:C8:21:9D:35:3C:3D:E6"}}},"request":{"raw":"GET /flags/no.png HTTP/1.1\r\nHost: immediate-evex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediate-evex.com/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 27 Nov 2025 10:40:40 GMT\r\ncontent-type: image/png\r\ncontent-length: 743\r\nlast-modified: Fri, 10 Jan 2025 15:04:32 GMT\r\npriority: u=4,i=?0\r\netag: \"67813700-2e7\"\r\nexpires: Mon, 26 Jan 2026 10:40:40 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Fth%2B7z1LNohyPzqYWPfMZXIHUXM3A4dOl33u8icVGyEDu3dqtcj6szQ4TC2pQydd4gTGrH3nqvo4016FU%2Bg%2BmUbY6KnVocX9xitLTqqSpLA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a51023c3ba256ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":743,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"d3b58f803a9a01a59210dd673998a229","sha1":"6caddb6c8e749e9c5b786a3984bb7bdbba2bafc5","sha256":"3cf52e677d7f7be201cbf6e3ec56ed1f48b95c47e5969ef2c2510e270133c4f0","sha512":"88aade4affd629926e473df3d26ecca5ba49c4b77da9343e58729cf3a2b1cd0b9d27d9e019018455bffd18b7a7570a5c14d918eff46deecc5821903f76094988","ssdeep":"","tlshash":"5501b5c7a78024a68b3eca3b40066a23976b28186e26100c5128a9bd02c21ed3d50bfc","first_seen":"2023-05-19T09:59:50Z","last_seen":"2026-04-06T08:09:04.965993Z","times_seen":615,"resource_available":false,"data":null}},"time_used":147,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":147,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediate-evex.com/flags/ru.png","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://immediate-evex.com/","date":"2025-11-27T10:40:40.400Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediate-evex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 16:10:44 GMT","end":"Mon, 26 Jan 2026 17:08:24 GMT"},"fingerprint":{"sha1":"2F:11:FF:18:07:95:3D:C3:46:D3:A5:52:0A:B1:3F:BA:5F:3D:F9:F2","sha256":"0B:50:80:94:59:E0:B0:A9:CA:10:6C:A5:7E:7D:14:B8:18:A7:17:2B:E3:4F:2B:87:04:C8:21:9D:35:3C:3D:E6"}}},"request":{"raw":"GET /flags/ru.png HTTP/1.1\r\nHost: immediate-evex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediate-evex.com/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 27 Nov 2025 10:40:40 GMT\r\ncontent-type: image/png\r\ncontent-length: 487\r\nlast-modified: Fri, 10 Jan 2025 15:04:32 GMT\r\npriority: u=4,i=?0\r\netag: \"67813700-1e7\"\r\nexpires: Mon, 26 Jan 2026 10:40:40 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WtgV6pcVUY6xu4oCR%2Bzl0IV66I91a8cYuHQsbZ2MqfdzGXMGIsrJ%2BKopO%2B2B41I63l3yrkd2V26XcA8ApryhQKp5jur9r09XQ3M%2FWw3Xt3w%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a51023c3ba556ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":487,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"5ddf50d1327e2ecc28a980e93b9f538a","sha1":"581fa9ecc609a1a07fca205b6c9751e8c28f1ebb","sha256":"1bdc7040f02e999a17f291b59767d4101adefa2d89775272ac7c66f37c710fff","sha512":"2375f58bfd0c3fe7b54258a6b222e285dbf4b4e30e87f76387ec5e1033906d0a04eb78481ee8c78460934f5c1de26007a6488d7857d59d8ca8b7b3fe31228f0d","ssdeep":"","tlshash":"a1f054ee2d01086d493cd918106b0fe1d45b0cb50ae64414d0dab2c43e2278fa8f8ac1","first_seen":"2023-05-02T00:49:29Z","last_seen":"2026-04-06T08:09:04.980939Z","times_seen":977,"resource_available":false,"data":null}},"time_used":155,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":155,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediate-evex.com/flags/sk.png","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://immediate-evex.com/","date":"2025-11-27T10:40:40.403Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediate-evex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 16:10:44 GMT","end":"Mon, 26 Jan 2026 17:08:24 GMT"},"fingerprint":{"sha1":"2F:11:FF:18:07:95:3D:C3:46:D3:A5:52:0A:B1:3F:BA:5F:3D:F9:F2","sha256":"0B:50:80:94:59:E0:B0:A9:CA:10:6C:A5:7E:7D:14:B8:18:A7:17:2B:E3:4F:2B:87:04:C8:21:9D:35:3C:3D:E6"}}},"request":{"raw":"GET /flags/sk.png HTTP/1.1\r\nHost: immediate-evex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediate-evex.com/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 27 Nov 2025 10:40:40 GMT\r\ncontent-type: image/png\r\ncontent-length: 942\r\nlast-modified: Fri, 10 Jan 2025 15:04:32 GMT\r\npriority: u=4,i=?0\r\netag: \"67813700-3ae\"\r\nexpires: Mon, 26 Jan 2026 10:40:40 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZhLfHHV22E0C5YqShrjx2wT2g%2FDpU7LfaVR6b83KdySTGnUzCtAEFXgFvy%2BfCHhZYwA8m1f5DlF4ogneMHPtTvWkcvjcI88iaBbqeZ2qDQo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a51023c4ba756ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":942,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"f505130ed0303fde84806046537f1af0","sha1":"2571608ca84fa979a602373536380578ed7f3e53","sha256":"f264c92b7384498c50a373a441de7963aa8d20225884b59affadbb0e04de2a70","sha512":"5613b8520e3ae0e3a640493711e960803e2122d8d35675917639e69aa9e849b7a089f160de53c6f308c1d338b8d80c7ab5bc3b29d80224acbffc5f61f1742ed2","ssdeep":"","tlshash":"3911c8ef651c4a0e3d2b436249da098c0c8b0d109f06d85cd69bd1e63631a8e117ce84","first_seen":"2023-05-27T18:45:41Z","last_seen":"2026-04-06T08:09:04.956961Z","times_seen":544,"resource_available":false,"data":null}},"time_used":155,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":155,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/poppins/v24/pxiEyp8kv8JHgFVrJJfecg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://immediate-evex.com/","date":"2025-11-27T10:40:40.761Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:34:57 GMT","end":"Mon, 19 Jan 2026 08:34:56 GMT"},"fingerprint":{"sha1":"A9:72:6E:D8:AB:26:CE:26:35:A4:39:55:24:08:04:0F:24:56:E8:8C","sha256":"65:84:7B:FE:24:02:CE:3E:DB:6E:1C:6B:B8:FC:99:F5:A5:65:83:F1:66:75:ED:20:20:63:06:ED:27:8A:82:FE"}}},"request":{"raw":"GET /s/poppins/v24/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://immediate-evex.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 7884\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 26 Nov 2025 21:59:25 GMT\r\nexpires: Thu, 26 Nov 2026 21:59:25 GMT\r\ncache-control: public, max-age=31536000\r\nage: 45675\r\nlast-modified: Mon, 15 Sep 2025 16:34:42 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7884,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 7884, version 1.0","md5":"9212f6f9860f9fc6c69b02fedf6db8c3","sha1":"ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b","sha256":"7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f","sha512":"67317495f4b53e20a9f31c034e456e6c37f387dffb2c092caa5159bc441cfcadd02749ffe5bbed1d580d5300a59e48a767ef2c6d9978b474f84c1a2cd095c126","ssdeep":"192:xLFDbKO9E3rS3JWBRO/J601FSS5ZUbik3Zy2f0:pd9J5W501otlI","tlshash":"c3f1ae4eb3f2cd1be40982e53a0fc90b1c578272681fd772d067a22517893bc8db2c81","first_seen":"2023-04-05T15:35:34Z","last_seen":"2026-04-06T08:09:04.977405Z","times_seen":296824,"resource_available":false,"data":null}},"time_used":158,"timings":{"blocked":73,"dns":3,"connect":7,"send":0,"wait":11,"receive":1,"ssl":60},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/poppins/v24/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://immediate-evex.com/","date":"2025-11-27T10:40:40.763Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:34:57 GMT","end":"Mon, 19 Jan 2026 08:34:56 GMT"},"fingerprint":{"sha1":"A9:72:6E:D8:AB:26:CE:26:35:A4:39:55:24:08:04:0F:24:56:E8:8C","sha256":"65:84:7B:FE:24:02:CE:3E:DB:6E:1C:6B:B8:FC:99:F5:A5:65:83:F1:66:75:ED:20:20:63:06:ED:27:8A:82:FE"}}},"request":{"raw":"GET /s/poppins/v24/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://immediate-evex.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 7816\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 22 Nov 2025 07:02:38 GMT\r\nexpires: Sun, 22 Nov 2026 07:02:38 GMT\r\ncache-control: public, max-age=31536000\r\nage: 445082\r\nlast-modified: Mon, 15 Sep 2025 16:35:07 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7816,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 7816, version 1.0","md5":"25b0e113ca7cce3770d542736db26368","sha1":"cb726212d5d525021752a1d8470a0fb593e0c49e","sha256":"9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526","sha512":"a0d331e62ab4727f49ca286a1ee7fb81cddc5bb9edf71ef84f4bd4fa1552069af1a82752011ba88fae80862d034135926b7e99d70e59d626d66d4ede90e94c30","ssdeep":"192:Agw5ksLwlyK8F2BXU96Fc575OI3+ga534SlEFwTG4ovej9be:Al5y8FSUMS5VOq1KISlvS4ov+4","tlshash":"a3f1af19d5de5a73f80032b45b6911ba7e42fa83bc68bbedf8046a10ad542cb467cc91","first_seen":"2023-04-05T13:48:05Z","last_seen":"2026-04-06T08:09:04.960431Z","times_seen":205131,"resource_available":false,"data":null}},"time_used":266,"timings":{"blocked":125,"dns":1,"connect":20,"send":0,"wait":12,"receive":1,"ssl":103},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"immediate-evex.com/flags/de.png","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://immediate-evex.com/","date":"2025-11-27T10:40:40.383Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediate-evex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 16:10:44 GMT","end":"Mon, 26 Jan 2026 17:08:24 GMT"},"fingerprint":{"sha1":"2F:11:FF:18:07:95:3D:C3:46:D3:A5:52:0A:B1:3F:BA:5F:3D:F9:F2","sha256":"0B:50:80:94:59:E0:B0:A9:CA:10:6C:A5:7E:7D:14:B8:18:A7:17:2B:E3:4F:2B:87:04:C8:21:9D:35:3C:3D:E6"}}},"request":{"raw":"GET /flags/de.png HTTP/1.1\r\nHost: immediate-evex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediate-evex.com/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 27 Nov 2025 10:40:40 GMT\r\ncontent-type: image/png\r\ncontent-length: 602\r\nlast-modified: Fri, 10 Jan 2025 15:04:32 GMT\r\npriority: u=4,i=?0\r\netag: \"67813700-25a\"\r\nexpires: Mon, 26 Jan 2026 10:40:40 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AsHFFxu5ksoi0qJnnGjFAEqFPFi76blcOQEnI75xWMxp6U0dHLDGzilIl21rsKo8cEknQu8kLXPRbarA0CnhSKAAj%2BNcvt0pwK5kXtl1y%2Fs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a51023c3b9556ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":602,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"8a2ba86f3b7de7562445967e2c21843b","sha1":"3046cd0b51721f180c2dc75513fd4bfd316b45b5","sha256":"cc318f3be9ba75def2af54bd9d0fab4f3e316517de9bf138e40dee06d332602d","sha512":"bbfe0899d1e796e1635d12332d6e5ecc21c78c7073419b14236660d6524861ad078644a0de96c914a07988584105a4d503a7ba9f29480be720ce541ad7ebeb5f","ssdeep":"","tlshash":"8df002a8839266668e5b12f3c0031dd44dbb0db4573f3518622ba8be0b61e0263806f0","first_seen":"2023-05-02T00:49:29Z","last_seen":"2026-04-06T08:09:04.975539Z","times_seen":1134,"resource_available":false,"data":null}},"time_used":160,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":160,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediate-evex.com/static/assets/index-cad56849.css","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://immediate-evex.com/","date":"2025-11-27T10:40:40.372Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediate-evex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 16:10:44 GMT","end":"Mon, 26 Jan 2026 17:08:24 GMT"},"fingerprint":{"sha1":"2F:11:FF:18:07:95:3D:C3:46:D3:A5:52:0A:B1:3F:BA:5F:3D:F9:F2","sha256":"0B:50:80:94:59:E0:B0:A9:CA:10:6C:A5:7E:7D:14:B8:18:A7:17:2B:E3:4F:2B:87:04:C8:21:9D:35:3C:3D:E6"}}},"request":{"raw":"GET /static/assets/index-cad56849.css HTTP/1.1\r\nHost: immediate-evex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediate-evex.com/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 27 Nov 2025 10:40:40 GMT\r\ncontent-type: text/css\r\nvary: accept-encoding\r\nlast-modified: Fri, 10 Jan 2025 15:04:32 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Mon, 26 Jan 2026 10:40:40 GMT\r\ncache-control: public, max-age=5184000\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\netag: W/\"67813700-25dfc\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OpYicD%2BkCi2OxDvZ%2FwJ2YaXJuxHF1vBsGaEijaZHAQdrv%2BDsPBC%2BzbwHZbdnUyEGh%2BezybbHELxiKTivBcuc%2BfN4ae68k3hoRiQWFCo5Y3w%3D\"}]}\r\ncf-ray: 9a51023c2b8856ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":155132,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"c81cf077321d8130fd73029d26721b1f","sha1":"0ab7df7b3d75b7b726c0071d87da7adce6729ca7","sha256":"cad568499afd45d2f60604c7b0000e008d9cb577ec6ab1bc0752b96de07367fa","sha512":"4536f0e428d1fc01057d6e176fda35369ca5f3300438402c3b8829cfd898297dfc778e7e940a2f8d7ff2fbb844ee373b7f5e5df85d51c202e44bad703b298329","ssdeep":"1536:otUvK9DfmvkFIVj7xXsYJ6lb4Vmpz600I4xhu:otP9DfUK4Vmpz600I4xhu","tlshash":"36e36ed7f591342ce8a681599591bffc8a7f6848cb115d9af0037bb84789ad30c62dcc","first_seen":"2024-08-24T08:23:06Z","last_seen":"2026-04-05T22:45:27.544532Z","times_seen":103,"resource_available":false,"data":null}},"time_used":369,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":208,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediate-evex.com/flags/hi.png","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://immediate-evex.com/","date":"2025-11-27T10:40:40.390Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediate-evex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 16:10:44 GMT","end":"Mon, 26 Jan 2026 17:08:24 GMT"},"fingerprint":{"sha1":"2F:11:FF:18:07:95:3D:C3:46:D3:A5:52:0A:B1:3F:BA:5F:3D:F9:F2","sha256":"0B:50:80:94:59:E0:B0:A9:CA:10:6C:A5:7E:7D:14:B8:18:A7:17:2B:E3:4F:2B:87:04:C8:21:9D:35:3C:3D:E6"}}},"request":{"raw":"GET /flags/hi.png HTTP/1.1\r\nHost: immediate-evex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediate-evex.com/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 27 Nov 2025 10:40:40 GMT\r\ncontent-type: image/png\r\ncontent-length: 701\r\nlast-modified: Fri, 10 Jan 2025 15:04:32 GMT\r\npriority: u=4,i=?0\r\netag: \"67813700-2bd\"\r\nexpires: Mon, 26 Jan 2026 10:40:40 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1Gn48ShOSAG2OYTzi3hwzOegc1w%2F%2B2aVozyz3RFDuY%2B0X0sQ19bqWh2Xzzh4oJWKES4qZhfFvLrOCK72WA%2BB9vYKqe355JyFRYE%2BYXSRdBE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a51023c3b9b56ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":701,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"79777c74b380b937c38b2eab06975935","sha1":"ac6ae14f67313ad088c273c33768cdf592560ebc","sha256":"cf916648517414e341d51a40821bfb3be8a487aa1c024c2d488d1bc2ee17fdef","sha512":"896f0ef4290e3dda7a84ff0aa87edf57599d8e972645ccf13c405cd88f98700d40198338416cb82fd4f44e04ff696304480b88c9312c24af60d11216a87c98f0","ssdeep":"","tlshash":"b60194e2400143edc21353f0ad8740c2cd8f2a6e52216d3bc8d9949e6d5024d5ea8cb8","first_seen":"2023-05-15T15:04:16Z","last_seen":"2026-04-06T08:09:04.953076Z","times_seen":309,"resource_available":false,"data":null}},"time_used":157,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":157,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediate-evex.com/flags/hu.png","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://immediate-evex.com/","date":"2025-11-27T10:40:40.391Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediate-evex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 16:10:44 GMT","end":"Mon, 26 Jan 2026 17:08:24 GMT"},"fingerprint":{"sha1":"2F:11:FF:18:07:95:3D:C3:46:D3:A5:52:0A:B1:3F:BA:5F:3D:F9:F2","sha256":"0B:50:80:94:59:E0:B0:A9:CA:10:6C:A5:7E:7D:14:B8:18:A7:17:2B:E3:4F:2B:87:04:C8:21:9D:35:3C:3D:E6"}}},"request":{"raw":"GET /flags/hu.png HTTP/1.1\r\nHost: immediate-evex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediate-evex.com/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 27 Nov 2025 10:40:40 GMT\r\ncontent-type: image/png\r\ncontent-length: 505\r\nlast-modified: Fri, 10 Jan 2025 15:04:32 GMT\r\npriority: u=4,i=?0\r\netag: \"67813700-1f9\"\r\nexpires: Mon, 26 Jan 2026 10:40:40 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=emihNq9AptHey5Sg3j3IyoPtr7PqUpaO5YMmIpCe9B8lgSwZAmmIP0O7ri0lMbpITLYrP2cLFQyJZZ5AGLhhhmyTau4hD8WMhkhfcMUkAzE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a51023c3b9c56ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":505,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"c789a334c212492af26b433c5e2b4d5b","sha1":"7bc986549c06acb5f13c177af6793be159f7c480","sha256":"e911743b60f76ab09482b0abdc256e58e9abcd693c8a382547180d18f0eef14a","sha512":"53dbd93f8b7f9cb71f439ad589c0e2ce980205da477bdd4dff12b0aff9faa85e8d383a8eddfda32f11d40da0b76976d921977b8465258b8c4db6df20c9139eff","ssdeep":"","tlshash":"3af00ee803321a32c1f86642262e09165983bca1b2578c6c80af589dbd8a03021c039b","first_seen":"2023-08-05T11:28:13Z","last_seen":"2026-04-06T08:09:04.979255Z","times_seen":527,"resource_available":false,"data":null}},"time_used":157,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":157,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediate-evex.com/flags/it.png","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://immediate-evex.com/","date":"2025-11-27T10:40:40.392Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediate-evex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 16:10:44 GMT","end":"Mon, 26 Jan 2026 17:08:24 GMT"},"fingerprint":{"sha1":"2F:11:FF:18:07:95:3D:C3:46:D3:A5:52:0A:B1:3F:BA:5F:3D:F9:F2","sha256":"0B:50:80:94:59:E0:B0:A9:CA:10:6C:A5:7E:7D:14:B8:18:A7:17:2B:E3:4F:2B:87:04:C8:21:9D:35:3C:3D:E6"}}},"request":{"raw":"GET /flags/it.png HTTP/1.1\r\nHost: immediate-evex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediate-evex.com/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 27 Nov 2025 10:40:40 GMT\r\ncontent-type: image/png\r\ncontent-length: 642\r\nlast-modified: Fri, 10 Jan 2025 15:04:32 GMT\r\npriority: u=4,i=?0\r\netag: \"67813700-282\"\r\nexpires: Mon, 26 Jan 2026 10:40:40 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Y17pwUKF8yDpBRhf0lUehWIJfvi2o0Z99W27KEKUUNGkf0tqgVm6jTGSUtqvaI0ZaiHS10NbtOO4XzwfjokkzLhx4WG3ya%2Fd814eyEZdh14%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a51023c3b9d56ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":642,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"922efc02f080135a63137dde4ffea287","sha1":"a4583be3e579a69a03a0d1f09995fdb6d1244f7d","sha256":"510116996dc4979a225c07962d84bb76e2b6340234c2c5e4280596ad08a632cb","sha512":"5d5cf4ee23afce714be0555318fbfabd0461aeae4530bd5f12d8fac947045438f97cf4a045751698514ace1465d6ae70c3f7d62cbc68437009d40553ffd7ff2b","ssdeep":"","tlshash":"bbf023a9016071eec83e2bf201410af955170da89b720008c04ff8d53c6e428c394686","first_seen":"2023-05-02T00:49:29Z","last_seen":"2026-04-06T08:09:04.980301Z","times_seen":1077,"resource_available":false,"data":null}},"time_used":157,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":157,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediate-evex.com/flags/sl.png","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://immediate-evex.com/","date":"2025-11-27T10:40:40.404Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediate-evex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 16:10:44 GMT","end":"Mon, 26 Jan 2026 17:08:24 GMT"},"fingerprint":{"sha1":"2F:11:FF:18:07:95:3D:C3:46:D3:A5:52:0A:B1:3F:BA:5F:3D:F9:F2","sha256":"0B:50:80:94:59:E0:B0:A9:CA:10:6C:A5:7E:7D:14:B8:18:A7:17:2B:E3:4F:2B:87:04:C8:21:9D:35:3C:3D:E6"}}},"request":{"raw":"GET /flags/sl.png HTTP/1.1\r\nHost: immediate-evex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediate-evex.com/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 27 Nov 2025 10:40:40 GMT\r\ncontent-type: image/png\r\ncontent-length: 730\r\nlast-modified: Fri, 10 Jan 2025 15:04:32 GMT\r\npriority: u=4,i=?0\r\netag: \"67813700-2da\"\r\nexpires: Mon, 26 Jan 2026 10:40:40 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WVVkcNGy%2Be99cagf3jNGPLGxYNd8EOd4NuxV7az1N88wEG07cusg5qx1LcV%2FSTDhLSC1DswUeZaMeQPHasKtwLDl4NA3RgmwldqIl1j1f3o%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a51023c4ba856ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":730,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"b578df2953e85fcf5d265ed486a6fe61","sha1":"975e2ec9592cba08ce67a8d5296b78b77e4c28d7","sha256":"bc8eca69c4ee13e933dbbc783c5bb22a10cb1dd70db91e987c77adf19e4ff9f8","sha512":"df303892e7fcb0e940a02a05efce934c61731ee406a3a25739fa240040b89f87b7c5cb49968f3a69183f29a09356473f147d4ab2962b279a2c24cba3d1e8ac46","ssdeep":"","tlshash":"8b0199ec050c59684d6045f224479116d3c7dca14d2b3d5e75de5ad352cb58e61dc702","first_seen":"2023-06-15T00:19:25Z","last_seen":"2026-04-06T08:09:04.957762Z","times_seen":346,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediate-evex.com/flags/th.png","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://immediate-evex.com/","date":"2025-11-27T10:40:40.407Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediate-evex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 16:10:44 GMT","end":"Mon, 26 Jan 2026 17:08:24 GMT"},"fingerprint":{"sha1":"2F:11:FF:18:07:95:3D:C3:46:D3:A5:52:0A:B1:3F:BA:5F:3D:F9:F2","sha256":"0B:50:80:94:59:E0:B0:A9:CA:10:6C:A5:7E:7D:14:B8:18:A7:17:2B:E3:4F:2B:87:04:C8:21:9D:35:3C:3D:E6"}}},"request":{"raw":"GET /flags/th.png HTTP/1.1\r\nHost: immediate-evex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediate-evex.com/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 27 Nov 2025 10:40:40 GMT\r\ncontent-type: image/png\r\ncontent-length: 524\r\nlast-modified: Fri, 10 Jan 2025 15:04:32 GMT\r\npriority: u=4,i=?0\r\netag: \"67813700-20c\"\r\nexpires: Mon, 26 Jan 2026 10:40:40 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9jLZqtl4i7go5UH3yOMTRoMg%2FqoFv4x25rDRx0d7pOTgrjnoYNwSoJssxiipaHfsA5u6b1BsED84nNvUT2NCojnalH%2B1P2JCvfq%2BgSoNSOM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a51023c4bab56ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":524,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"1c7933a528550f950ffb12cdde1c74c2","sha1":"3098d40b7cafe07f1c6579f2ed6ffcc9fb65745a","sha256":"f6e31ccc4d7a997049f3331ccf9b0e987d84f72620deee4359628f72f5aa6dac","sha512":"0cbc3c7c3b31f1e28f4b311fd4f9982a94820a72f13f03d8490bd488b271c6e869ae9079b03f2d64c6d669dbe2d0cdf49955c75036d84ef7c42378882b849a20","ssdeep":"","tlshash":"eff0758c0340a5be02964653a8030d3acbd304acd736088dc0fe741b18512110240251","first_seen":"2023-08-05T11:28:13Z","last_seen":"2026-04-06T08:09:04.98799Z","times_seen":344,"resource_available":false,"data":null}},"time_used":156,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":156,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediate-evex.com/flags/tr.png","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://immediate-evex.com/","date":"2025-11-27T10:40:40.408Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediate-evex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 16:10:44 GMT","end":"Mon, 26 Jan 2026 17:08:24 GMT"},"fingerprint":{"sha1":"2F:11:FF:18:07:95:3D:C3:46:D3:A5:52:0A:B1:3F:BA:5F:3D:F9:F2","sha256":"0B:50:80:94:59:E0:B0:A9:CA:10:6C:A5:7E:7D:14:B8:18:A7:17:2B:E3:4F:2B:87:04:C8:21:9D:35:3C:3D:E6"}}},"request":{"raw":"GET /flags/tr.png HTTP/1.1\r\nHost: immediate-evex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediate-evex.com/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 27 Nov 2025 10:40:40 GMT\r\ncontent-type: image/png\r\ncontent-length: 923\r\nlast-modified: Fri, 10 Jan 2025 15:04:32 GMT\r\npriority: u=4,i=?0\r\netag: \"67813700-39b\"\r\nexpires: Mon, 26 Jan 2026 10:40:40 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=95qIPoBO1rMnnOhBR%2F3dgFmEK1a6MasljdvY4C78QNEsu9VeJg%2BU%2Buw%2FuTrkGh3aGtTLhh5mr6Rmz03Tjiu1MXPNeXCCrifo%2B80l6LMKrmI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a51023c4bac56ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":923,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"f9619dd9adc7fbb5244483ca00cace60","sha1":"4970f612a0e86100cf07629da3b9ea12af8891e5","sha256":"d11d2b8956d975cff1ea2a49763f6eec736506498be297be7ac1c4363cc95ee5","sha512":"a7517b1bc260669d644b2c61a533abc00cedfdb859254047ef6b41af111b9a09141c4cbb5871b13014a86978cd1730ae77f8dfc7cf6a27a2bbf46b69f0b70d81","ssdeep":"","tlshash":"de11c4d8f640b028237946efd102c9aee92fa5e65c8323c89109b08d738720d2292ba0","first_seen":"2023-05-06T09:49:14Z","last_seen":"2026-04-06T08:09:04.981556Z","times_seen":624,"resource_available":false,"data":null}},"time_used":152,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":152,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediate-evex.com/flags/lt.png","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://immediate-evex.com/","date":"2025-11-27T10:40:40.395Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediate-evex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 16:10:44 GMT","end":"Mon, 26 Jan 2026 17:08:24 GMT"},"fingerprint":{"sha1":"2F:11:FF:18:07:95:3D:C3:46:D3:A5:52:0A:B1:3F:BA:5F:3D:F9:F2","sha256":"0B:50:80:94:59:E0:B0:A9:CA:10:6C:A5:7E:7D:14:B8:18:A7:17:2B:E3:4F:2B:87:04:C8:21:9D:35:3C:3D:E6"}}},"request":{"raw":"GET /flags/lt.png HTTP/1.1\r\nHost: immediate-evex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediate-evex.com/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 27 Nov 2025 10:40:40 GMT\r\ncontent-type: image/png\r\ncontent-length: 560\r\nlast-modified: Fri, 10 Jan 2025 15:04:32 GMT\r\npriority: u=4,i=?0\r\netag: \"67813700-230\"\r\nexpires: Mon, 26 Jan 2026 10:40:40 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=s9iG1XhN6OBfz%2BpamN8DrPFHYZFhDIQqAD9xYuoMSGVhR34DcZvUGIjGyvsoC3vEsIBAvUD4%2BOyPOpGq7PFVXqs9VScLN9yIJzB8rc%2F%2F3wg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a51023c3ba056ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":560,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"a07934e15a82eaa9d991f14b8738a6c2","sha1":"7cab59a83cf48a81e775a194bf74ab60d7348541","sha256":"2a58af20a8b362e09b7face70ed010abc065f364a89a0bc839fa1fab162d1ed4","sha512":"5dcf54f0afdd32f6c0be87a677386dad074481cb75d01f5e81a9f9bda600d775ddcb639e127975fbe41a33fad72f2e53dac0b13003e9aebb35557c3006226303","ssdeep":"","tlshash":"40f0e1f309824d4d483f896742021d55b5bb4846061e4d8c8416dcc9e7b2f97949cc51","first_seen":"2023-05-27T18:45:41Z","last_seen":"2026-04-06T08:09:04.986686Z","times_seen":341,"resource_available":false,"data":null}},"time_used":155,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":155,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediate-evex.com/flags/es.png","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://immediate-evex.com/","date":"2025-11-27T10:40:40.405Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediate-evex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 16:10:44 GMT","end":"Mon, 26 Jan 2026 17:08:24 GMT"},"fingerprint":{"sha1":"2F:11:FF:18:07:95:3D:C3:46:D3:A5:52:0A:B1:3F:BA:5F:3D:F9:F2","sha256":"0B:50:80:94:59:E0:B0:A9:CA:10:6C:A5:7E:7D:14:B8:18:A7:17:2B:E3:4F:2B:87:04:C8:21:9D:35:3C:3D:E6"}}},"request":{"raw":"GET /flags/es.png HTTP/1.1\r\nHost: immediate-evex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediate-evex.com/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 27 Nov 2025 10:40:40 GMT\r\ncontent-type: image/png\r\ncontent-length: 873\r\nlast-modified: Fri, 10 Jan 2025 15:04:32 GMT\r\npriority: u=4,i=?0\r\netag: \"67813700-369\"\r\nexpires: Mon, 26 Jan 2026 10:40:40 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9eP9YNZVP2jUuRB55vAS%2BUEQNo8j78ZhULrwJbYk%2FVXl5Y5k48%2FGEINffxlLvNlN9T8GxxAMk534FfM3ssfcB4dwj6J2t21KnZhEAZSL7gA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a51023c4ba956ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":873,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"8bf31a924501d6db655fe75696b5f046","sha1":"94ba0f8d4db0c35c1246a55fcbd6e0ef3cd7f0e2","sha256":"5ae9561f31199bf8a892f797a69db1bc5d477e2f8318f2b7e95487f025f66f28","sha512":"37dac360a5ac86e3e0cb6672eab5db6baf1514225741615696d09cadd93492f3c666bb6c385d12475046fa21c1672250b8cee13b83f629d80b3a8aec752491dd","ssdeep":"","tlshash":"f31163e9cb60dc1da704955134135b78ef920fa9036f296d861490ffecaa61ca5d0325","first_seen":"2023-04-08T21:50:50Z","last_seen":"2026-04-06T08:09:04.968177Z","times_seen":1315,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediate-evex.com/flags/sv.png","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://immediate-evex.com/","date":"2025-11-27T10:40:40.406Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediate-evex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 16:10:44 GMT","end":"Mon, 26 Jan 2026 17:08:24 GMT"},"fingerprint":{"sha1":"2F:11:FF:18:07:95:3D:C3:46:D3:A5:52:0A:B1:3F:BA:5F:3D:F9:F2","sha256":"0B:50:80:94:59:E0:B0:A9:CA:10:6C:A5:7E:7D:14:B8:18:A7:17:2B:E3:4F:2B:87:04:C8:21:9D:35:3C:3D:E6"}}},"request":{"raw":"GET /flags/sv.png HTTP/1.1\r\nHost: immediate-evex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediate-evex.com/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 27 Nov 2025 10:40:40 GMT\r\ncontent-type: image/png\r\ncontent-length: 715\r\nlast-modified: Fri, 10 Jan 2025 15:04:32 GMT\r\npriority: u=4,i=?0\r\netag: \"67813700-2cb\"\r\nexpires: Mon, 26 Jan 2026 10:40:40 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zrae7VZZ4yJxRgFIoOVw7d8yyODtECqLcmayV0oy4kUgyO5O5fNtGU33377Qx8o4J9h0yD%2FZUyIJEaItg0rf7ruMMl2R6jEEXr6yk2Q09I0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a51023c4baa56ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":715,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"191c145f7eb3f4755cc9a019a42259ad","sha1":"3ab0abaf3d362e2f59284949f3f62779af5dbedd","sha256":"c6897e837702d73a8dad3043ec690277cecff9ef960555169cba79d4fa9c62a3","sha512":"13c9da7e72fcb954eb8a95c3b1045eef1372c832a798293336aaa6b069be60db0f72ae8037844962bd2ff7e07c5e75ed1f14e3c927b5bee7825061b57e19084e","ssdeep":"","tlshash":"190144dd03258f3a0a370b9e24691057ded72d931b1a63506ab8bc3d6d031cd518d319","first_seen":"2023-05-13T11:39:52Z","last_seen":"2026-04-06T08:09:04.987339Z","times_seen":598,"resource_available":false,"data":null}},"time_used":152,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":152,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediate-evex.com/action/click","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://immediate-evex.com/","date":"2025-11-27T10:40:40.843Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediate-evex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 16:10:44 GMT","end":"Mon, 26 Jan 2026 17:08:24 GMT"},"fingerprint":{"sha1":"2F:11:FF:18:07:95:3D:C3:46:D3:A5:52:0A:B1:3F:BA:5F:3D:F9:F2","sha256":"0B:50:80:94:59:E0:B0:A9:CA:10:6C:A5:7E:7D:14:B8:18:A7:17:2B:E3:4F:2B:87:04:C8:21:9D:35:3C:3D:E6"}}},"request":{"raw":"POST /action/click HTTP/1.1\r\nHost: immediate-evex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 2\r\nOrigin: https://immediate-evex.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediate-evex.com/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":2,"data":"{}"}},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 27 Nov 2025 10:40:41 GMT\r\ncontent-type: application/json\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7M9k7puNXvO3SUaZnpxGvu3eSp5e1IuuC4ffKnExPNzEanNNey78%2BQxmAZY%2FOH0gAIIwo7UuYDJUbuSpNCR56K3cKj7UZmnwIFwsiY2%2FYg4%3D\"}]}\r\npriority: u=3,i=?0\r\naccess-control-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a51023f4bd256ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":66,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"9e2230602ed06127eb251cc8ac71fcd7","sha1":"98617e6f2d278bc98664e1ea9e6b2f4b49a24e2d","sha256":"7eba6e7301c64e1d83280b60cf4102dbd89a3c28243ee382b3b0033f04f66c13","sha512":"a3799c62a0111caa5a1a41b042ce6018506477cd464ce6304d69346cdf72b056da7398dac8c6c729d9b2bede606cc9f4f37e9ee7f6987e0e542a5fec2cb98ba4","ssdeep":"","tlshash":"9fa022832ce08020080f20a0080c8330033003bb2f38800b00320000c8bc0f00002208","first_seen":"2025-11-27T10:41:09.212891Z","last_seen":"2025-11-27T10:41:09.212891Z","times_seen":1,"resource_available":false,"data":null}},"time_used":408,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":405,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediate-evex.com/media/1794/conversions/32_32_66166e8a1343c_immediateevex-logo.png","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://immediate-evex.com/","date":"2025-11-27T10:40:41.385Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediate-evex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 16:10:44 GMT","end":"Mon, 26 Jan 2026 17:08:24 GMT"},"fingerprint":{"sha1":"2F:11:FF:18:07:95:3D:C3:46:D3:A5:52:0A:B1:3F:BA:5F:3D:F9:F2","sha256":"0B:50:80:94:59:E0:B0:A9:CA:10:6C:A5:7E:7D:14:B8:18:A7:17:2B:E3:4F:2B:87:04:C8:21:9D:35:3C:3D:E6"}}},"request":{"raw":"GET /media/1794/conversions/32_32_66166e8a1343c_immediateevex-logo.png HTTP/1.1\r\nHost: immediate-evex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediate-evex.com/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 27 Nov 2025 10:40:41 GMT\r\ncontent-type: image/png\r\ncontent-length: 3199\r\nlast-modified: Fri, 10 Jan 2025 15:04:32 GMT\r\npriority: u=6,i=?0\r\netag: \"67813700-c7f\"\r\nexpires: Mon, 26 Jan 2026 10:40:41 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zEoFn56F4dg%2BNOXXQ3QN0vLqzIPuPggISvJs2Z3AEAxVIGS6TogK2OOzUDVukxLSqMbqcyeKVHlA0%2FVHujEjOmWYXdxE6McJROPwaVWQGqo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a510242abe556ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3199,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"aad5831db90f362cf2ba1b6a058b8446","sha1":"3a4afaae2377cd088e095e66b57090d7d4387c03","sha256":"0b21f263f203c3e545d3592e626e7dde4fdbcac869e2a9c361478b0a6fbe2a5f","sha512":"1cc06bd78a52f85e4c62d89aa52d249a44dd88e9a62de43551157c09571657c9b4829ae88dadff300e5a9f501ddc82ef35b4a1f1bb0a1cd06de3d514d7a2b7b4","ssdeep":"","tlshash":"16616c2bdf0f9788d901726e1e390590fb8a1dda0ddc6f41c1f0199c4e2c8a9217ab44","first_seen":"2025-11-27T10:41:09.217767Z","last_seen":"2025-11-27T10:41:09.217767Z","times_seen":1,"resource_available":false,"data":null}},"time_used":156,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":156,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediate-evex.com/media/1795/conversions/_922_66166ebc5d3fd_immediate-evex-pro-banner%20(2).jpg","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://immediate-evex.com/","date":"2025-11-27T10:40:40.376Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediate-evex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 16:10:44 GMT","end":"Mon, 26 Jan 2026 17:08:24 GMT"},"fingerprint":{"sha1":"2F:11:FF:18:07:95:3D:C3:46:D3:A5:52:0A:B1:3F:BA:5F:3D:F9:F2","sha256":"0B:50:80:94:59:E0:B0:A9:CA:10:6C:A5:7E:7D:14:B8:18:A7:17:2B:E3:4F:2B:87:04:C8:21:9D:35:3C:3D:E6"}}},"request":{"raw":"GET /media/1795/conversions/_922_66166ebc5d3fd_immediate-evex-pro-banner%20(2).jpg HTTP/1.1\r\nHost: immediate-evex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediate-evex.com/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 27 Nov 2025 10:40:40 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 103706\r\nlast-modified: Fri, 10 Jan 2025 15:04:32 GMT\r\npriority: u=4,i=?0\r\netag: \"67813700-1951a\"\r\nexpires: Mon, 26 Jan 2026 10:40:40 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MShXmRDANWUrqVKd4QsmGxwjhlNbMT6DWQctsZt%2Br5oFtr%2BRDz9UNnnjLjzkdBq5PyR7AIn7U%2BBdqu0eHACjzugpgzgMw9lTQmRCDzJ%2BbqE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a51023c2b8b56ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":103706,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 908x498, components 3","md5":"5828efd349a40f4251ad66c4e1686a7a","sha1":"8743d82d79a65ab8e859ff9e90a85254a919b6a3","sha256":"979b0218ba7df0b0619e70529b0f55a7d94842ba59bb45b3a1f756b1ae8f647b","sha512":"b1406698079d6386f581680beb7ec7d2aa88a58f9380bbd157ddc98effad4968210fdb338a8d4ab4c1bc0dff3ac8ae9ee99a86e1e0a295494af89ffba089b508","ssdeep":"3072:/9r5KiqNuDk88KK0urisxJCIpK1e2o4VD:Fr5KdNuDp8KK0uMo4D","tlshash":"1fa31274a2b40bd4f5fee87aa5f76838a4c633047b81c6b13eb2b5b19a115dc92163c0","first_seen":"2025-11-27T10:41:09.219383Z","last_seen":"2025-11-27T10:41:09.219383Z","times_seen":1,"resource_available":false,"data":null}},"time_used":366,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":156,"receive":210,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediate-evex.com/flags/cs.png","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://immediate-evex.com/","date":"2025-11-27T10:40:40.381Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediate-evex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 16:10:44 GMT","end":"Mon, 26 Jan 2026 17:08:24 GMT"},"fingerprint":{"sha1":"2F:11:FF:18:07:95:3D:C3:46:D3:A5:52:0A:B1:3F:BA:5F:3D:F9:F2","sha256":"0B:50:80:94:59:E0:B0:A9:CA:10:6C:A5:7E:7D:14:B8:18:A7:17:2B:E3:4F:2B:87:04:C8:21:9D:35:3C:3D:E6"}}},"request":{"raw":"GET /flags/cs.png HTTP/1.1\r\nHost: immediate-evex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediate-evex.com/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 27 Nov 2025 10:40:40 GMT\r\ncontent-type: image/png\r\ncontent-length: 849\r\nlast-modified: Fri, 10 Jan 2025 15:04:32 GMT\r\npriority: u=4,i=?0\r\netag: \"67813700-351\"\r\nexpires: Mon, 26 Jan 2026 10:40:40 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HAqdxBFvyGC6gEj0pl0cZwiQJ17F7OQzhgF%2BJ%2FM9dcGFg%2F%2BC0t8Tts%2BK1Q3UF%2BvCcNeKC4lzy7F%2FNUKSEMCYvbJ6rsB94yzGc%2Bg9LpIWHtM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a51023c2b9056ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":849,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"4be819ea527d8a704539f3ce154c6a82","sha1":"882f02dee6104dfcda844e466b4ae8dd1e3f69c5","sha256":"2db01ff2e46696a2a9ffa5d4f5af6f2e95bef36e12aa0eb7e05045e73c0396ad","sha512":"550423dc23236b8963334e64fe6b6759aa07a9d0fa04f351d22629931f733b09b02309f1d8aadfc4abb40b0234e356d80b4d1c3b391612baeed106fdee1d25fb","ssdeep":"","tlshash":"910192d860a5ae999a04fac7920309f2a0a246192a06fc08c9ceb88e19cd8a7617070d","first_seen":"2023-05-27T18:45:41Z","last_seen":"2026-04-06T08:09:04.984001Z","times_seen":573,"resource_available":false,"data":null}},"time_used":164,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":164,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediate-evex.com/flags/vi.png","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://immediate-evex.com/","date":"2025-11-27T10:40:40.410Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediate-evex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 16:10:44 GMT","end":"Mon, 26 Jan 2026 17:08:24 GMT"},"fingerprint":{"sha1":"2F:11:FF:18:07:95:3D:C3:46:D3:A5:52:0A:B1:3F:BA:5F:3D:F9:F2","sha256":"0B:50:80:94:59:E0:B0:A9:CA:10:6C:A5:7E:7D:14:B8:18:A7:17:2B:E3:4F:2B:87:04:C8:21:9D:35:3C:3D:E6"}}},"request":{"raw":"GET /flags/vi.png HTTP/1.1\r\nHost: immediate-evex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediate-evex.com/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 27 Nov 2025 10:40:40 GMT\r\ncontent-type: image/png\r\ncontent-length: 818\r\nlast-modified: Fri, 10 Jan 2025 15:04:32 GMT\r\npriority: u=4,i=?0\r\netag: \"67813700-332\"\r\nexpires: Mon, 26 Jan 2026 10:40:40 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GP9wGGoDJjyBo5uVZa%2BZOIiOh2wS5zGL2fOcUURSoTdo64TryJe47cddPajCvNITRSf9prmx29dMc9BCYy9%2Bng4ltG2c%2F7B7kshlb9sOjF8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a51023c4bae56ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":818,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"931fa5c7d5aa2805b11fbc974b816d77","sha1":"8eb02f52bbe074b5dd681b95c6196890e49651fa","sha256":"06fc7512126a48e27890c8ac939d5821da05cc0b08d4d11698b2d95b32c3ab66","sha512":"fdb1cf9fa583d8f5fa55b0771228b69ae02873fe9db4827dab69677fbf897b7e993f15b5c3732bc66ab64fdf0534b4fa3ecdf6e6c3cc4c0803de0e48bb340b45","ssdeep":"","tlshash":"a70186a0ce845efd145fa97703a11e1aaf9b1ad01fea1c72407c6c2964924408154956","first_seen":"2023-05-06T09:49:14Z","last_seen":"2026-04-06T08:09:04.984594Z","times_seen":611,"resource_available":false,"data":null}},"time_used":150,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":150,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediate-evex.com/form.js","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://immediate-evex.com/","date":"2025-11-27T10:40:40.411Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediate-evex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 16:10:44 GMT","end":"Mon, 26 Jan 2026 17:08:24 GMT"},"fingerprint":{"sha1":"2F:11:FF:18:07:95:3D:C3:46:D3:A5:52:0A:B1:3F:BA:5F:3D:F9:F2","sha256":"0B:50:80:94:59:E0:B0:A9:CA:10:6C:A5:7E:7D:14:B8:18:A7:17:2B:E3:4F:2B:87:04:C8:21:9D:35:3C:3D:E6"}}},"request":{"raw":"GET /form.js HTTP/1.1\r\nHost: immediate-evex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediate-evex.com/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 27 Nov 2025 10:40:40 GMT\r\ncontent-type: application/javascript\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400, must-revalidate\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SoRSaliww4g8vjo19QxCpcySuwkAHSBNMPuGLsZMVwRD9wntb1%2BJnVCCu%2FJFdO6Zsdr8tAnVjOh3DrKPVR8S6BBTyMCsdaNu%2BUnv6ukUcLZnUIOHlZPTWrM%3D\"}]}\r\netag: W/\"2706931c9edd6c7804715d81a4fd3a4a\"\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-ray: 9a51023c4baf56ae-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":279475,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"57222cd559e3a912092239fcdb6706de","sha1":"d65d9e06d224a9a7e22916dc04eae83d1f26d6c7","sha256":"81a17cfaf5731292df919a903727b86550d2a57e1ad29893dc693ef9c2013113","sha512":"2960f1e3b8cf8e96b65fb4875f6241db594a7862c5fe1cad5e5d859df03b780c49293e4f4bca9b89db0070bb6ad7556674ec1b8bb3672c23619cd10c1cf5c232","ssdeep":"3072:CtjnGnbliOU03o4PwjRSBZTLqstc3ikgKc0Njv1BfEQ3j:C56bliXR4ZT1toJgK5jv1BcQT","tlshash":"f1542cb7b5407b2b33b53a98aa27914fab8c4c52dc8dd09ca9efdcdf585041160bdb18","first_seen":"2023-11-27T07:36:46Z","last_seen":"2026-04-06T08:09:04.968777Z","times_seen":301,"resource_available":true,"data":null}},"time_used":331,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":189,"receive":142,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediate-evex.com/media/1498/conversions/763_1920__1920_65e7292179089_main-bg-banner.webp","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://immediate-evex.com/","date":"2025-11-27T10:40:40.751Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediate-evex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 16:10:44 GMT","end":"Mon, 26 Jan 2026 17:08:24 GMT"},"fingerprint":{"sha1":"2F:11:FF:18:07:95:3D:C3:46:D3:A5:52:0A:B1:3F:BA:5F:3D:F9:F2","sha256":"0B:50:80:94:59:E0:B0:A9:CA:10:6C:A5:7E:7D:14:B8:18:A7:17:2B:E3:4F:2B:87:04:C8:21:9D:35:3C:3D:E6"}}},"request":{"raw":"GET /media/1498/conversions/763_1920__1920_65e7292179089_main-bg-banner.webp HTTP/1.1\r\nHost: immediate-evex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediate-evex.com/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 27 Nov 2025 10:40:40 GMT\r\ncontent-type: image/webp\r\ncontent-length: 12138\r\nlast-modified: Fri, 10 Jan 2025 15:04:32 GMT\r\npriority: u=4,i=?0\r\netag: \"67813700-2f6a\"\r\nexpires: Mon, 26 Jan 2026 10:40:40 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6cF5fCpqCaOeMPrA7pFaY8huBr7Z5fdQtfbiPZooyuMtDLD6XatIEo15LNYyjnh2ejv%2BTF5TWgN9EdvBUQEwmJlqYW3VhdyET90Tme%2FPaVs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a51023eabcc56ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12138,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x763, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"ac927b437c61f75a61872549dd22e86e","sha1":"31595082b099c7ccb44d8fbaf7554ae7c14e335a","sha256":"a36a8fafe8d188e961bce01bfdbd8d88785a8e71b068c53a9b98d7ff011b65ff","sha512":"decccb9ce38451fc7145ee3612a511c68da3c39f18005ba50454c5f20f8633d082b3999213f83a1aa707e7aa7211f6ca9201d8ffbd12750258d1b2571201628a","ssdeep":"192:Rj2jK8de8bRkFGU+NlZ74OQ9G+i025x4sGpm0ZNnzNxLGxOYykiF2Rm8MU0uuEpf:Rj2Osnb2F3+NlZ74Hih/Gpm0rNxLKwFi","tlshash":"bd42cfd393ab4620790104ad983650537d17d7ca8fe44fe265abfbc0c9d5aa5e81eccc","first_seen":"2023-08-05T11:28:13Z","last_seen":"2026-04-05T22:45:27.551778Z","times_seen":319,"resource_available":false,"data":null}},"time_used":82,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":81,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediate-evex.com/common/arrow-down.svg","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://immediate-evex.com/","date":"2025-11-27T10:40:40.756Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediate-evex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 16:10:44 GMT","end":"Mon, 26 Jan 2026 17:08:24 GMT"},"fingerprint":{"sha1":"2F:11:FF:18:07:95:3D:C3:46:D3:A5:52:0A:B1:3F:BA:5F:3D:F9:F2","sha256":"0B:50:80:94:59:E0:B0:A9:CA:10:6C:A5:7E:7D:14:B8:18:A7:17:2B:E3:4F:2B:87:04:C8:21:9D:35:3C:3D:E6"}}},"request":{"raw":"GET /common/arrow-down.svg HTTP/1.1\r\nHost: immediate-evex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediate-evex.com/static/assets/index-cad56849.css\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 27 Nov 2025 10:40:40 GMT\r\ncontent-type: image/svg+xml\r\nvary: accept-encoding\r\nlast-modified: Fri, 10 Jan 2025 15:04:32 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Mon, 26 Jan 2026 10:40:40 GMT\r\ncache-control: public, max-age=5184000\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\netag: W/\"67813700-2af\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EoXjQ%2FwLDyaieABCQfhaQfC20bjyn96VfOJaIggLY4hyfJZ1PjEOiKWPIhPaA%2FDV3eDpVGIHoOL1PqMiLBmsPZumUD3N8Sa0mc4r9QjrsMc%3D\"}]}\r\ncf-ray: 9a51023ebbcd56ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":687,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a60b35876f9b28d59bed3b7e4abf6ba2","sha1":"12c7639426c80f97352cf3fd7a5bb968da984459","sha256":"7ff5a0abbe0db2a64746dd03b7218d574c1cc2c0e1ff9ddc30850e51da43e373","sha512":"f11d5d96bc13d4f84716084714ed9935945f17c6f6b1066d2672342820a4a7f54e55d271197953468c11853f1159c754e9bddd4cad92da6099ef7fd54ce493de","ssdeep":"","tlshash":"1e01f4c4c20544f8f4929f50daf4d5c3eb3034baf1d44c4cb55526b42122586d90fabc","first_seen":"2023-11-27T07:36:46Z","last_seen":"2026-04-06T08:09:04.971709Z","times_seen":396,"resource_available":false,"data":null}},"time_used":160,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":159,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediate-evex.com/","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://immediate-evex.com/","date":"2025-11-27T10:40:40.897Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediate-evex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 16:10:44 GMT","end":"Mon, 26 Jan 2026 17:08:24 GMT"},"fingerprint":{"sha1":"2F:11:FF:18:07:95:3D:C3:46:D3:A5:52:0A:B1:3F:BA:5F:3D:F9:F2","sha256":"0B:50:80:94:59:E0:B0:A9:CA:10:6C:A5:7E:7D:14:B8:18:A7:17:2B:E3:4F:2B:87:04:C8:21:9D:35:3C:3D:E6"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: immediate-evex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediate-evex.com/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 27 Nov 2025 10:40:41 GMT\r\ncontent-type: text/html\r\nlast-modified: Fri, 10 Jan 2025 15:03:58 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=25asxq%2FbXdyuB3dawy6OIqd6BOi7%2B1NZa1x%2F3fYb8gpdGiZBD8kZc0iQLJGYNBU%2B64274YB04OYSi0UOHF7iSU0dway0%2BN%2FpyWILXQn6J6E%3D\"}]}\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nx-geoip: NO\r\nset-cookie: lang_fx=; Path=/; Max-Age=2592000\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9a51023f9bd456ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":65368,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (3359)","md5":"14547a39a3be7f77dd5158c371326479","sha1":"18695175bf01353facded30934e18d3d77921c82","sha256":"460ad2003aa4875cbd53d13f2e5f6c2dbb6961d2810a676d978e3463557b21e9","sha512":"b74b0cda55529796ff9d377a91ba7de6f53bd5a25c6433684324197b55d69bf9439d3b0eccf927e060c9585e9f15830de7d7c94edf6b0c5785d906344b8d8f46","ssdeep":"1536:U9isStk/Qhq+yi7n4SkNsZyHiY66/1P7Akylj:ULjTP7Akylj","tlshash":"8253fb3129f11e6a025380c972242a8effb5898f93674948799d47970fc2de28977fdc","first_seen":"2025-11-27T10:41:09.224737Z","last_seen":"2025-11-27T10:41:09.224737Z","times_seen":1,"resource_available":false,"data":null}},"time_used":216,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":151,"receive":65,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediate-evex.com/countries/no.svg","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://immediate-evex.com/","date":"2025-11-27T10:40:41.132Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediate-evex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 16:10:44 GMT","end":"Mon, 26 Jan 2026 17:08:24 GMT"},"fingerprint":{"sha1":"2F:11:FF:18:07:95:3D:C3:46:D3:A5:52:0A:B1:3F:BA:5F:3D:F9:F2","sha256":"0B:50:80:94:59:E0:B0:A9:CA:10:6C:A5:7E:7D:14:B8:18:A7:17:2B:E3:4F:2B:87:04:C8:21:9D:35:3C:3D:E6"}}},"request":{"raw":"GET /countries/no.svg HTTP/1.1\r\nHost: immediate-evex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediate-evex.com/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 27 Nov 2025 10:40:41 GMT\r\ncontent-type: image/svg+xml\r\nvary: accept-encoding\r\nlast-modified: Fri, 10 Jan 2025 15:04:32 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Mon, 26 Jan 2026 10:40:41 GMT\r\ncache-control: public, max-age=5184000\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\netag: W/\"67813700-14d\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aPtVHq3vYEnjNcOHwtn9W%2FlESF0GSXYhIgEjgoz3XDghFVpUARdDNEmVq27COBpOOzA6yGNBzytGcXOkuf%2F8M3%2FvD7ekc17FVKRYoRQK8ic%3D\"}]}\r\ncf-ray: 9a5102410bdd56ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":333,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"72ed1e32ca8cec870cde2ebd3e6ed027","sha1":"e1a0c8d63773da2d34edb77234d9f1d750327aec","sha256":"b9b277c14e5f093eb4be2c42a5af08384f14bace2e2ca505ae68ea4144f429e3","sha512":"aeed0d880ae36a5059f599f79daa873841a58a7e89406155afd3ecc037393e48a05548e0004a2bc50894053df26e814502a666bcab93cb6d8997e2b9d5373e71","ssdeep":"","tlshash":"dfe04fa5d27c9008b608d71f2b4878d61317b0dcd3652248d9802a9260889efbc3934f","first_seen":"2024-02-06T12:32:34Z","last_seen":"2026-04-06T08:09:04.963483Z","times_seen":202,"resource_available":false,"data":null}},"time_used":151,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":150,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediate-evex.com/flags/ar.png","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://immediate-evex.com/","date":"2025-11-27T10:40:40.378Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediate-evex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 16:10:44 GMT","end":"Mon, 26 Jan 2026 17:08:24 GMT"},"fingerprint":{"sha1":"2F:11:FF:18:07:95:3D:C3:46:D3:A5:52:0A:B1:3F:BA:5F:3D:F9:F2","sha256":"0B:50:80:94:59:E0:B0:A9:CA:10:6C:A5:7E:7D:14:B8:18:A7:17:2B:E3:4F:2B:87:04:C8:21:9D:35:3C:3D:E6"}}},"request":{"raw":"GET /flags/ar.png HTTP/1.1\r\nHost: immediate-evex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediate-evex.com/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 27 Nov 2025 10:40:40 GMT\r\ncontent-type: image/png\r\ncontent-length: 1480\r\nlast-modified: Fri, 10 Jan 2025 15:04:32 GMT\r\npriority: u=4,i=?0\r\netag: \"67813700-5c8\"\r\nexpires: Mon, 26 Jan 2026 10:40:40 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FY1KxbJGi8iFZ3uZioYxCitxrPsfZJG9gEGUX5J%2FXEEEhmoXfhvsfWuKLg9v6Y7Pv1vM2pYTIwxLvYMP1OjryNTdTPSxwZ88QpkQLFDcIaA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a51023c2b8d56ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1480,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"7fec8a94e0af73b8647803e1ff9887be","sha1":"aca14e7523e0bff0a9399a0998b49387d636da9e","sha256":"f093a618390e4ef10ee984262dd3334074536f565eb0ecf6cbd0939597073b3d","sha512":"61d5698ab4bcbf9589338c045a1a214edb887746e9e9a67d434dbc1ee81b3682a7cca8560c79a285dff0fd2d8550305e1d7b8f17fde68c1b9543e788a78379a0","ssdeep":"","tlshash":"fc3119e713000b75a02b96385a3b08b8244a4c4c0b6ad99b52cfbdae97563c58191e38","first_seen":"2023-05-07T21:05:59Z","last_seen":"2026-04-06T08:09:04.964118Z","times_seen":3564,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediate-evex.com/flags/fr.png","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://immediate-evex.com/","date":"2025-11-27T10:40:40.388Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediate-evex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 16:10:44 GMT","end":"Mon, 26 Jan 2026 17:08:24 GMT"},"fingerprint":{"sha1":"2F:11:FF:18:07:95:3D:C3:46:D3:A5:52:0A:B1:3F:BA:5F:3D:F9:F2","sha256":"0B:50:80:94:59:E0:B0:A9:CA:10:6C:A5:7E:7D:14:B8:18:A7:17:2B:E3:4F:2B:87:04:C8:21:9D:35:3C:3D:E6"}}},"request":{"raw":"GET /flags/fr.png HTTP/1.1\r\nHost: immediate-evex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediate-evex.com/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 27 Nov 2025 10:40:40 GMT\r\ncontent-type: image/png\r\ncontent-length: 637\r\nlast-modified: Fri, 10 Jan 2025 15:04:32 GMT\r\npriority: u=4,i=?0\r\netag: \"67813700-27d\"\r\nexpires: Mon, 26 Jan 2026 10:40:40 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6hPaX9lbX6SieQ%2FbgT%2BxlC9iVHhoCHxYMLz3bDCnbP4czzbUTFqNELfTmpC31e9R2GQC6WJy%2FwdI0yJyDglVhqzjQw1L0HtGnKjbNldfeuk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a51023c3b9956ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":637,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"930f08c6829077e96cf25d58f26bd6d3","sha1":"0dfa244548435053bbebd2ed5914e2785f0f3dc3","sha256":"594f333e3a8fe65a0466e4f9c140dab97e6b6a073579edf130a87b86614d7ec8","sha512":"34b8e8c8f95a135cccd845a2513c69d0fc3489a2df5b347dae0b5c65f6b1d218c1c976332d97f69d40f38159ab7b51c8d8cfb40d32bd45f24162320727d2a6d9","ssdeep":"","tlshash":"92f0839a22c1602d852411d530320900f4bb0f1002d13ef694be84b3281e7cbb19179d","first_seen":"2023-05-02T00:49:29Z","last_seen":"2026-04-06T08:09:04.985838Z","times_seen":1182,"resource_available":false,"data":null}},"time_used":158,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":158,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediate-evex.com/flags/pl.png","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://immediate-evex.com/","date":"2025-11-27T10:40:40.398Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediate-evex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 16:10:44 GMT","end":"Mon, 26 Jan 2026 17:08:24 GMT"},"fingerprint":{"sha1":"2F:11:FF:18:07:95:3D:C3:46:D3:A5:52:0A:B1:3F:BA:5F:3D:F9:F2","sha256":"0B:50:80:94:59:E0:B0:A9:CA:10:6C:A5:7E:7D:14:B8:18:A7:17:2B:E3:4F:2B:87:04:C8:21:9D:35:3C:3D:E6"}}},"request":{"raw":"GET /flags/pl.png HTTP/1.1\r\nHost: immediate-evex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediate-evex.com/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 27 Nov 2025 10:40:40 GMT\r\ncontent-type: image/png\r\ncontent-length: 380\r\nlast-modified: Fri, 10 Jan 2025 15:04:32 GMT\r\npriority: u=4,i=?0\r\netag: \"67813700-17c\"\r\nexpires: Mon, 26 Jan 2026 10:40:40 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wE%2FqcZlPHaZPM80n8NEKpPXzw7GJwcU0VbgeMx7xBDLinlQ8ujEs0arWhu5xfJe42j9%2Bow196iQUPv%2FxTnSUWmWTUiL4U%2BXf7rl8JpfUSE4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a51023c3ba356ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":380,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"44c8193715ca274b0074f1bb80c9e597","sha1":"e0ad2c0c5ba99953d42dfafde03b81289e180168","sha256":"3cd67729cd6ce09de1e48b04d1246a349597239241989e61356b99b588c0d90f","sha512":"f303b9ac87a8e77eb79573b9b2d7df819474084430ea08d2da7a08800d42e7367857c8b3527b437e3c5d7cf941fb64bbf0fd0f8e87e68d356372825bf626a6ae","ssdeep":"","tlshash":"ade0f1e985542c6eca650ca212372875e89380a10e173492c0e466eb62867078953203","first_seen":"2023-05-07T21:05:59Z","last_seen":"2026-04-06T08:09:04.955319Z","times_seen":682,"resource_available":false,"data":null}},"time_used":155,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":155,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediate-evex.com/flags/pt.png","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://immediate-evex.com/","date":"2025-11-27T10:40:40.399Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediate-evex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 16:10:44 GMT","end":"Mon, 26 Jan 2026 17:08:24 GMT"},"fingerprint":{"sha1":"2F:11:FF:18:07:95:3D:C3:46:D3:A5:52:0A:B1:3F:BA:5F:3D:F9:F2","sha256":"0B:50:80:94:59:E0:B0:A9:CA:10:6C:A5:7E:7D:14:B8:18:A7:17:2B:E3:4F:2B:87:04:C8:21:9D:35:3C:3D:E6"}}},"request":{"raw":"GET /flags/pt.png HTTP/1.1\r\nHost: immediate-evex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediate-evex.com/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 27 Nov 2025 10:40:40 GMT\r\ncontent-type: image/png\r\ncontent-length: 1076\r\nlast-modified: Fri, 10 Jan 2025 15:04:32 GMT\r\npriority: u=4,i=?0\r\netag: \"67813700-434\"\r\nexpires: Mon, 26 Jan 2026 10:40:40 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VzM%2B9LJ4YhGYMB2XxYRH0DMGiMiN5cSKr04Wg8yWjBX419w0IRw0PmqbOeBkdJiBXEeDMDR043DHdW5U3xpC5lryxqy%2Bflk5mDP9Xj6ME7M%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a51023c3ba456ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1076,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"bb3cb490b63a8f51283c686b916cf4ff","sha1":"f325c9d27acb1d3e03a3481eb2c240368ae8460f","sha256":"f06d3def1549dd1b0a108ddc645d2e8906fb631e5812df19cdcbd887f3700bd8","sha512":"0bd183107bfbc19ad5ccb7458cdacbc089eb7335c3eabf4b47433c0ecff5fbabacb9beabfc026170c38cb7c71847ca274c3105c93fcc042c393cc53106fff3c7","ssdeep":"","tlshash":"3a11e9f94630fb9c8960f713b423ca2a988e0b250ba3381d50fcbe9a04135fb835c710","first_seen":"2023-05-07T21:05:59Z","last_seen":"2026-04-06T08:09:04.966623Z","times_seen":765,"resource_available":false,"data":null}},"time_used":159,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":159,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediate-evex.com/flags/nl.png","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://immediate-evex.com/","date":"2025-11-27T10:40:40.385Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediate-evex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 16:10:44 GMT","end":"Mon, 26 Jan 2026 17:08:24 GMT"},"fingerprint":{"sha1":"2F:11:FF:18:07:95:3D:C3:46:D3:A5:52:0A:B1:3F:BA:5F:3D:F9:F2","sha256":"0B:50:80:94:59:E0:B0:A9:CA:10:6C:A5:7E:7D:14:B8:18:A7:17:2B:E3:4F:2B:87:04:C8:21:9D:35:3C:3D:E6"}}},"request":{"raw":"GET /flags/nl.png HTTP/1.1\r\nHost: immediate-evex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediate-evex.com/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 27 Nov 2025 10:40:40 GMT\r\ncontent-type: image/png\r\ncontent-length: 469\r\nlast-modified: Fri, 10 Jan 2025 15:04:32 GMT\r\npriority: u=4,i=?0\r\netag: \"67813700-1d5\"\r\nexpires: Mon, 26 Jan 2026 10:40:40 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WIMVNmaUGBQkk1TPiaEeQfk%2BwMIY9N9ai2GdO%2BH1Ni5OJWF7Ct5VHiJXgl0%2FYo3VCpKN%2FPaagvPTyXMHCqJxQsonB5hnXk2NAmaNZgr4QaY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a51023c3b9656ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":469,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"213b7e930b8a41dcf4c9f95ac76dbe6b","sha1":"eccf14152b6ba26fe8a7d02f79586992be40db20","sha256":"5d75fea10bb270c341503bda4357e90bb069e3e46c7a670a3583f924f3524bd3","sha512":"11eb344a2480ad3f398f91dfc4e14a3f8fb1b916543986796b6d9c5b52112c4bfe6fe48b6dae287c892f4d73106644f8b5226e4a42920d847dede47113a61b3a","ssdeep":"","tlshash":"e8f0d4dd5762669b985a6b8701010c2088931f90191980474a4fe08d7e7320535bcd56","first_seen":"2023-05-02T00:49:29Z","last_seen":"2026-04-06T08:18:41.769484Z","times_seen":770,"resource_available":false,"data":null}},"time_used":158,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":158,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediate-evex.com/","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-27T10:40:39.955Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediate-evex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 16:10:44 GMT","end":"Mon, 26 Jan 2026 17:08:24 GMT"},"fingerprint":{"sha1":"2F:11:FF:18:07:95:3D:C3:46:D3:A5:52:0A:B1:3F:BA:5F:3D:F9:F2","sha256":"0B:50:80:94:59:E0:B0:A9:CA:10:6C:A5:7E:7D:14:B8:18:A7:17:2B:E3:4F:2B:87:04:C8:21:9D:35:3C:3D:E6"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: immediate-evex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 27 Nov 2025 10:40:40 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Fri, 10 Jan 2025 15:03:58 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nx-geoip: NO\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PjoP8djk6ELDie9mfcEbxwJCqTGj%2FVAZxIJQjhV5UNLm%2BNCPqAUFzRFLVsvpyIUoWpRNMIGa%2BbOPfuaH7s%2BMYohay5DVmgIkSzf9wX9L1G4%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nset-cookie: lang_fx=; Path=/; Max-Age=2592000\r\ncf-ray: 9a510239d90ab4ed-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":65368,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (3359)","md5":"14547a39a3be7f77dd5158c371326479","sha1":"18695175bf01353facded30934e18d3d77921c82","sha256":"460ad2003aa4875cbd53d13f2e5f6c2dbb6961d2810a676d978e3463557b21e9","sha512":"b74b0cda55529796ff9d377a91ba7de6f53bd5a25c6433684324197b55d69bf9439d3b0eccf927e060c9585e9f15830de7d7c94edf6b0c5785d906344b8d8f46","ssdeep":"1536:U9isStk/Qhq+yi7n4SkNsZyHiY66/1P7Akylj:ULjTP7Akylj","tlshash":"8253fb3129f11e6a025380c972242a8effb5898f93674948799d47970fc2de28977fdc","first_seen":"2025-11-27T10:41:09.224737Z","last_seen":"2025-11-27T10:41:09.224737Z","times_seen":1,"resource_available":false,"data":null}},"time_used":211,"timings":{"blocked":26,"dns":1,"connect":1,"send":0,"wait":159,"receive":0,"ssl":21},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Poppins:300,400,600,700,800\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://immediate-evex.com/","date":"2025-11-27T10:40:40.370Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:34:58 GMT","end":"Mon, 19 Jan 2026 08:34:57 GMT"},"fingerprint":{"sha1":"56:14:7E:EF:FA:D2:CF:DD:3B:30:9C:AE:7A:C9:AD:9E:A7:87:3D:E9","sha256":"72:DD:0F:82:4D:8A:09:2D:BB:5B:E6:1B:6F:09:F8:1E:BD:BD:D3:3E:B8:A4:8C:B9:49:13:4D:DC:D7:EF:EA:77"}}},"request":{"raw":"GET /css?family=Poppins:300,400,600,700,800\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediate-evex.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Thu, 27 Nov 2025 10:40:40 GMT\r\ndate: Thu, 27 Nov 2025 10:40:40 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5993,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"d7d29ea911af499896323784c8522aa7","sha1":"86bb132382fa34e5006449a1a3f931b4303ac8f9","sha256":"78d2c9cef0124ba439a1e22e904b3083970db19d9d5adc9f940404d81d2352cf","sha512":"0ad15a0432c96cd093bfa631285ee158ce5c54b114d9ddf08a89616d4805d238e572faf86699d518d5c96f3e8feb2e6849cc64e207927e96d55ee47c9d0e7d36","ssdeep":"96:SO1arO1aTJc+ukO1aaN3OEanOEaCJc+ukOEauN3OxMacOxMaUJc+ukOxMarN3OpE:4hHdPgKQFVwa3RzJ/apsn","tlshash":"05c1add1087be114ab871cc123ce7d37ee1e9255b810e5786bfd0c98adabc654362b2d","first_seen":"2025-09-19T15:46:09.974384Z","last_seen":"2026-04-06T08:09:04.983379Z","times_seen":240,"resource_available":false,"data":null}},"time_used":247,"timings":{"blocked":98,"dns":1,"connect":7,"send":0,"wait":20,"receive":0,"ssl":117},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"immediate-evex.com/flags/et.png","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://immediate-evex.com/","date":"2025-11-27T10:40:40.386Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediate-evex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 16:10:44 GMT","end":"Mon, 26 Jan 2026 17:08:24 GMT"},"fingerprint":{"sha1":"2F:11:FF:18:07:95:3D:C3:46:D3:A5:52:0A:B1:3F:BA:5F:3D:F9:F2","sha256":"0B:50:80:94:59:E0:B0:A9:CA:10:6C:A5:7E:7D:14:B8:18:A7:17:2B:E3:4F:2B:87:04:C8:21:9D:35:3C:3D:E6"}}},"request":{"raw":"GET /flags/et.png HTTP/1.1\r\nHost: immediate-evex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediate-evex.com/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 27 Nov 2025 10:40:40 GMT\r\ncontent-type: image/png\r\ncontent-length: 522\r\nlast-modified: Fri, 10 Jan 2025 15:04:32 GMT\r\npriority: u=4,i=?0\r\netag: \"67813700-20a\"\r\nexpires: Mon, 26 Jan 2026 10:40:40 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Q%2BnY%2F1Y7sg706rFEo9Ny%2FolyR2XfwIK5424hXduvyGUaGbiXKpI1uF13WbVbZ2xrgXUayomNuVLZODO1Peol6Bi2IN9juA1qs6LnfGfrlvg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a51023c3b9856ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":522,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"3dc9c2f215da1556d324e0f48ca7f0a4","sha1":"3576caa6334d061fc86b4f3140968a989e07e189","sha256":"9d6e5b81b5b11a75fe5f89ca592837df3070467960556e6f0aa27d561c6c9a96","sha512":"2dc9f8514da837ac73bd675ff15ac67f29f90ef4140a0cd3267087cba295e3078c8c815fb4ca2df81c90351a2ec3b47b03061c7b10f93ccb6725f47d57387dd5","ssdeep":"","tlshash":"99f07cdd0308385c887b0c01c3970323d4d75c55671f2d05253c59ff5446dff4564551","first_seen":"2023-08-05T11:28:13Z","last_seen":"2026-04-06T08:09:04.976186Z","times_seen":318,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediate-evex.com/flags/el.png","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://immediate-evex.com/","date":"2025-11-27T10:40:40.389Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediate-evex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 16:10:44 GMT","end":"Mon, 26 Jan 2026 17:08:24 GMT"},"fingerprint":{"sha1":"2F:11:FF:18:07:95:3D:C3:46:D3:A5:52:0A:B1:3F:BA:5F:3D:F9:F2","sha256":"0B:50:80:94:59:E0:B0:A9:CA:10:6C:A5:7E:7D:14:B8:18:A7:17:2B:E3:4F:2B:87:04:C8:21:9D:35:3C:3D:E6"}}},"request":{"raw":"GET /flags/el.png HTTP/1.1\r\nHost: immediate-evex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediate-evex.com/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 27 Nov 2025 10:40:40 GMT\r\ncontent-type: image/png\r\ncontent-length: 775\r\nlast-modified: Fri, 10 Jan 2025 15:04:32 GMT\r\npriority: u=4,i=?0\r\netag: \"67813700-307\"\r\nexpires: Mon, 26 Jan 2026 10:40:40 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XIz190bZviA98TnlOfX2C6IXzhqd%2FoBwtqrD4HpywJy3cuazswRhXgWdnzJ%2BV6NxJ9R5O3u7py%2FAPy4OmlrE3MUgm92tMximmUONJTKMXfo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a51023c3b9a56ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":775,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"2a53590607a148f0533ed4748d8aa209","sha1":"bac5251024524bb9f5c39535cb99be24d10c92f7","sha256":"aa9fcea0dd91bdb0749763eff1466b252e00096d762946f1eb6f5330834d9161","sha512":"782b8ae9eb9cf9de06ec3ad5e53fc0bb43d8a6e8e5d5125bc2f8efe6c0c1ff99adbb0f8d473ebad385a95f3b8fb6839d2c6f2cba70ad8361293054b8adb45aab","ssdeep":"","tlshash":"450175de265c68f74d1c4607816b0e3cec470ea206759a11d338bddc57e38126040207","first_seen":"2023-05-02T00:49:29Z","last_seen":"2026-04-06T08:09:04.964752Z","times_seen":593,"resource_available":false,"data":null}},"time_used":158,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":158,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediate-evex.com/flags/ms.png","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://immediate-evex.com/","date":"2025-11-27T10:40:40.396Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediate-evex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 16:10:44 GMT","end":"Mon, 26 Jan 2026 17:08:24 GMT"},"fingerprint":{"sha1":"2F:11:FF:18:07:95:3D:C3:46:D3:A5:52:0A:B1:3F:BA:5F:3D:F9:F2","sha256":"0B:50:80:94:59:E0:B0:A9:CA:10:6C:A5:7E:7D:14:B8:18:A7:17:2B:E3:4F:2B:87:04:C8:21:9D:35:3C:3D:E6"}}},"request":{"raw":"GET /flags/ms.png HTTP/1.1\r\nHost: immediate-evex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediate-evex.com/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 27 Nov 2025 10:40:40 GMT\r\ncontent-type: image/png\r\ncontent-length: 1043\r\nlast-modified: Fri, 10 Jan 2025 15:04:32 GMT\r\npriority: u=4,i=?0\r\netag: \"67813700-413\"\r\nexpires: Mon, 26 Jan 2026 10:40:40 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oLQNuwQFwRHiehpT0rzphbs5P5n9LYojoor7UyYHtwm8Ep3nYZoeUGgG0v0G4oZMBAwpuj7LZXLR%2F7HvPDP1eGrq5ls5OWOfanZfV0f8%2Fpw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a51023c3ba156ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1043,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"3570bf54c536dcbd24f7ea9ddb7c2f41","sha1":"806758cc4afa15db5c70cc5330031a267d497237","sha256":"ed7928914d2ed92a77f00113d2e4811bd6e43180d03f3ec47e584fdb730a11fb","sha512":"5dac9c0629795f10873eed838e998f706621fa0a4d4f97b98f6ccb1c39909f453ef9238347e8d864daffeb984dcf1b5c7f079f5d5444e860d331c355afbb062b","ssdeep":"","tlshash":"b611b9ce51d623f2ac5d9de939071c6acb538472030b9a2bd8fd9c9e11b29253228300","first_seen":"2023-05-27T18:45:41Z","last_seen":"2026-04-06T08:09:04.965403Z","times_seen":309,"resource_available":false,"data":null}},"time_used":157,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":157,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediate-evex.com/","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://immediate-evex.com/","date":"2025-11-27T10:40:40.900Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediate-evex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 16:10:44 GMT","end":"Mon, 26 Jan 2026 17:08:24 GMT"},"fingerprint":{"sha1":"2F:11:FF:18:07:95:3D:C3:46:D3:A5:52:0A:B1:3F:BA:5F:3D:F9:F2","sha256":"0B:50:80:94:59:E0:B0:A9:CA:10:6C:A5:7E:7D:14:B8:18:A7:17:2B:E3:4F:2B:87:04:C8:21:9D:35:3C:3D:E6"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: immediate-evex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediate-evex.com/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 27 Nov 2025 10:40:41 GMT\r\ncontent-type: text/html\r\nlast-modified: Fri, 10 Jan 2025 15:03:58 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AkUZ8xyEzj6LHqQdx776waqJpXeEuRg5RLqhCDECPvgLCuCFFryhiUSKAi0WoUsNmi63axwy2OhhJYjh1DwIzd7QWFwd46MRwr4bw91r8Cs%3D\"}]}\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nx-geoip: NO\r\nset-cookie: lang_fx=; Path=/; Max-Age=2592000\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9a51023f9bd656ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":65368,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (3359)","md5":"14547a39a3be7f77dd5158c371326479","sha1":"18695175bf01353facded30934e18d3d77921c82","sha256":"460ad2003aa4875cbd53d13f2e5f6c2dbb6961d2810a676d978e3463557b21e9","sha512":"b74b0cda55529796ff9d377a91ba7de6f53bd5a25c6433684324197b55d69bf9439d3b0eccf927e060c9585e9f15830de7d7c94edf6b0c5785d906344b8d8f46","ssdeep":"1536:U9isStk/Qhq+yi7n4SkNsZyHiY66/1P7Akylj:ULjTP7Akylj","tlshash":"8253fb3129f11e6a025380c972242a8effb5898f93674948799d47970fc2de28977fdc","first_seen":"2025-11-27T10:41:09.224737Z","last_seen":"2025-11-27T10:41:09.224737Z","times_seen":1,"resource_available":false,"data":null}},"time_used":224,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":156,"receive":67,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediate-evex.com/flags/hr.png","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://immediate-evex.com/","date":"2025-11-27T10:40:40.380Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediate-evex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 16:10:44 GMT","end":"Mon, 26 Jan 2026 17:08:24 GMT"},"fingerprint":{"sha1":"2F:11:FF:18:07:95:3D:C3:46:D3:A5:52:0A:B1:3F:BA:5F:3D:F9:F2","sha256":"0B:50:80:94:59:E0:B0:A9:CA:10:6C:A5:7E:7D:14:B8:18:A7:17:2B:E3:4F:2B:87:04:C8:21:9D:35:3C:3D:E6"}}},"request":{"raw":"GET /flags/hr.png HTTP/1.1\r\nHost: immediate-evex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediate-evex.com/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 27 Nov 2025 10:40:40 GMT\r\ncontent-type: image/png\r\ncontent-length: 982\r\nlast-modified: Fri, 10 Jan 2025 15:04:32 GMT\r\npriority: u=4,i=?0\r\netag: \"67813700-3d6\"\r\nexpires: Mon, 26 Jan 2026 10:40:40 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7VqJ4Io3krT%2FP5%2FASKQxmsbn9WhnZNvIL0v4L26YW5NYHloedZ96pfIMKhNrSFjRh3ofX9xHE9arLOAG6FRQhOmyud6AApMRQa73n3eMgA8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a51023c2b8f56ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":982,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"41a7b90f600ed32eefb5e620a4f653fc","sha1":"7a6ab7cfc55a1239de75e073430c9634d5c18746","sha256":"63e36970eea32e52849d7b4d3a15d1da36be12ad3078df8c2b848aa7e9baa19b","sha512":"004bddcda655838947c0922be1f74ac3833ca444f3c872c9432232e5660f7ca9288c87acf2d1df19a21a768ae8a04e3f67278f7b6be4998a5e0355f279ba92dd","ssdeep":"","tlshash":"261165dec411043c410b39e6ae9b0bd989b767ac43520a45906db49abc795043ee49a5","first_seen":"2023-06-13T00:33:19Z","last_seen":"2026-04-06T08:09:04.959103Z","times_seen":4097,"resource_available":false,"data":null}},"time_used":163,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":163,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediate-evex.com/flags/da.png","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://immediate-evex.com/","date":"2025-11-27T10:40:40.383Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediate-evex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 16:10:44 GMT","end":"Mon, 26 Jan 2026 17:08:24 GMT"},"fingerprint":{"sha1":"2F:11:FF:18:07:95:3D:C3:46:D3:A5:52:0A:B1:3F:BA:5F:3D:F9:F2","sha256":"0B:50:80:94:59:E0:B0:A9:CA:10:6C:A5:7E:7D:14:B8:18:A7:17:2B:E3:4F:2B:87:04:C8:21:9D:35:3C:3D:E6"}}},"request":{"raw":"GET /flags/da.png HTTP/1.1\r\nHost: immediate-evex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediate-evex.com/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 27 Nov 2025 10:40:40 GMT\r\ncontent-type: image/png\r\ncontent-length: 595\r\nlast-modified: Fri, 10 Jan 2025 15:04:32 GMT\r\npriority: u=4,i=?0\r\netag: \"67813700-253\"\r\nexpires: Mon, 26 Jan 2026 10:40:40 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=H9fzF4A3IETmpXc5ZqJQX%2FjwWM1Hmsua6%2FYx9hKmGQpcJCzqAhCc%2BqkVy7R6MeCrEbRhHUt%2B3UuxkhLKuuQEfCpigednXNTPmAMT1hbQ8KU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a51023c3b9456ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":595,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"a30b08094003e6cfa25800109f955b7a","sha1":"4d43a76c0889bd20f88905cf6ad76b4e0ccd8597","sha256":"a981b9c5114a52486766b43af45545d454234f8d99cb405f24382b225394f117","sha512":"8f2f6e54b5910f386ca584c3fb2fc230dd67120bf40560b2e49fb5628463a9c397ef835961469a95b04eed8201c1584346d58008da11b0a35d721ce704e377c6","ssdeep":"","tlshash":"17f047ced352cc19499b75b116335105c4f717b8122bc45d1095ae0c3d297419996be6","first_seen":"2023-05-19T00:59:36Z","last_seen":"2026-04-06T08:09:04.971122Z","times_seen":588,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":154,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediate-evex.com/flags/fi.png","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://immediate-evex.com/","date":"2025-11-27T10:40:40.387Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediate-evex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 16:10:44 GMT","end":"Mon, 26 Jan 2026 17:08:24 GMT"},"fingerprint":{"sha1":"2F:11:FF:18:07:95:3D:C3:46:D3:A5:52:0A:B1:3F:BA:5F:3D:F9:F2","sha256":"0B:50:80:94:59:E0:B0:A9:CA:10:6C:A5:7E:7D:14:B8:18:A7:17:2B:E3:4F:2B:87:04:C8:21:9D:35:3C:3D:E6"}}},"request":{"raw":"GET /flags/fi.png HTTP/1.1\r\nHost: immediate-evex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediate-evex.com/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 27 Nov 2025 10:40:40 GMT\r\ncontent-type: image/png\r\ncontent-length: 523\r\nlast-modified: Fri, 10 Jan 2025 15:04:32 GMT\r\npriority: u=4,i=?0\r\netag: \"67813700-20b\"\r\nexpires: Mon, 26 Jan 2026 10:40:40 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PBudmz7aBvsxmn9UwdWWLMEoHXfG3DREwpSfCbU9a%2BSDt0pES%2Fq8ZODXYAKllbV4Bgh%2BG31NWibw1ImXXLSLu2QlgXNKW7fLPtvTWuKqlUg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a51023c3b9756ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":523,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"605699c0baa63458c609512fc19363c8","sha1":"b920ed840cba7fa302d5e6eca3b51a7c64095f64","sha256":"5bf3510eaa1ec9cb53c13393d67ab23ced2c1912bcc614828707ce0bcec20119","sha512":"84d6a445b4ed0cc42ed936f05ba272e33247294bd3e58401518862da0479a3cd8d58ae9c13db2cb2fef091bac9fc18603243fd435b7ec4310d5ddaa7f0d23b8f","ssdeep":"","tlshash":"87f075d60161497cee5905e641200916dfd30440e71b2b100a2ea7dda5f2274dd347b2","first_seen":"2023-05-27T18:45:42Z","last_seen":"2026-04-06T08:09:04.952387Z","times_seen":574,"resource_available":false,"data":null}},"time_used":157,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":157,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediate-evex.com/flags/ja.png","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://immediate-evex.com/","date":"2025-11-27T10:40:40.393Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediate-evex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 16:10:44 GMT","end":"Mon, 26 Jan 2026 17:08:24 GMT"},"fingerprint":{"sha1":"2F:11:FF:18:07:95:3D:C3:46:D3:A5:52:0A:B1:3F:BA:5F:3D:F9:F2","sha256":"0B:50:80:94:59:E0:B0:A9:CA:10:6C:A5:7E:7D:14:B8:18:A7:17:2B:E3:4F:2B:87:04:C8:21:9D:35:3C:3D:E6"}}},"request":{"raw":"GET /flags/ja.png HTTP/1.1\r\nHost: immediate-evex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediate-evex.com/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 27 Nov 2025 10:40:40 GMT\r\ncontent-type: image/png\r\ncontent-length: 705\r\nlast-modified: Fri, 10 Jan 2025 15:04:32 GMT\r\npriority: u=4,i=?0\r\netag: \"67813700-2c1\"\r\nexpires: Mon, 26 Jan 2026 10:40:40 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9rA%2F1o09u4a0BN4r71YqOvNkr8R3V%2BLG1%2FAqCrwz5eby2a5%2FZQKalm13Ym1ohlc0sSOgjy7QEgIa56gz1HVrfwZGrNLhTbmJaYPfh6TnsaM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a51023c3b9e56ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":705,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"125d3bb3275409f964ec5023de1762c9","sha1":"f06d834f76897f2e8417a70b59b47419ad668ace","sha256":"4461385ad6fdaab33bd89e593c3fe1c14021644444d779584ddaec3cd4fe91f4","sha512":"bace0d647ae16a5a0c4cc9c169ef59e62a4db6b45ad839816d6e6113bbf0acbfee6e563e086a81396eb0b608eb5a0bd12b5cd82c8b102a40011f8096064d2c05","ssdeep":"","tlshash":"430160ee84182c9e40093161513f2b90ace342ca0a16301a82bfbc9d87e6931d32a66a","first_seen":"2023-05-04T12:51:22Z","last_seen":"2026-04-06T08:09:04.953708Z","times_seen":693,"resource_available":false,"data":null}},"time_used":155,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":155,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediate-evex.com/flags/sr.png","fqdn":"immediate-evex.com","domain":"immediate-evex.com","tld":"com"},"ip":{"addr":"172.67.184.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://immediate-evex.com/","date":"2025-11-27T10:40:40.402Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediate-evex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 16:10:44 GMT","end":"Mon, 26 Jan 2026 17:08:24 GMT"},"fingerprint":{"sha1":"2F:11:FF:18:07:95:3D:C3:46:D3:A5:52:0A:B1:3F:BA:5F:3D:F9:F2","sha256":"0B:50:80:94:59:E0:B0:A9:CA:10:6C:A5:7E:7D:14:B8:18:A7:17:2B:E3:4F:2B:87:04:C8:21:9D:35:3C:3D:E6"}}},"request":{"raw":"GET /flags/sr.png HTTP/1.1\r\nHost: immediate-evex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediate-evex.com/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 27 Nov 2025 10:40:40 GMT\r\ncontent-type: image/png\r\ncontent-length: 1009\r\nlast-modified: Fri, 10 Jan 2025 15:04:32 GMT\r\npriority: u=4,i=?0\r\netag: \"67813700-3f1\"\r\nexpires: Mon, 26 Jan 2026 10:40:40 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9R2IxzC2Y%2F71YoEFvbzeQTltDk2YKTt0MlgVsH8zut16HAQHBDmc14zRMFVc6NknTllDsnOQZFXKQfo%2F%2FGnTTSkNDcymr1Bth9848C0LeSQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a51023c4ba656ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1009,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"0c5055eb6380dc316b78186e47738aca","sha1":"6130e54d0a11874109a7b9be82fa15e8e2d93fc7","sha256":"724fd2c83f9ca340c60f394c06dd5987b771f57f237e8b5f33e156b0b4c9fd79","sha512":"62aa89ac0235c1acf551be0257348d05de3e4cc4d2d5af8dbaf91e3e8d6ac4f223f0ebf4fa7e4e47b4db195659755aa21d8644359ee76552d193a6b997eab7a6","ssdeep":"","tlshash":"0c11d58a0138483acbae42c0228b708a7fd3efc0d517cd013488f8023e1a1e985126a0","first_seen":"2023-05-02T00:49:29Z","last_seen":"2026-04-06T08:09:04.956148Z","times_seen":358,"resource_available":false,"data":null}},"time_used":151,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":151,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"immediate-evex.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}