{"report_id":"0a2238e4-b88c-4c1d-947b-29496c26a6e5","version":6,"status":"done","tags":[],"date":"2025-08-02T12:22:41Z","url":{"schema":"http","addr":"ms-13.feelmyfashion.com/","fqdn":"ms-13.feelmyfashion.com","domain":"feelmyfashion.com","tld":"com"},"ip":{"addr":"104.21.112.1","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"ms-13.feelmyfashion.com/","fqdn":"ms-13.feelmyfashion.com","domain":"feelmyfashion.com","tld":"com"},"title":"Not Found (#404)"},"submit":{"url":{"schema":"http","addr":"ms-13.feelmyfashion.com/","fqdn":"ms-13.feelmyfashion.com","domain":"feelmyfashion.com","tld":"com"},"ip":{"addr":"104.21.112.1","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-09-06T12:22:41Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-02","alert":"Sinkholed","trigger":"ms-13.feelmyfashion.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"ms-13.feelmyfashion.com","ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2023-10-16","domain_rank":0,"first_seen":"2025-08-02T12:22:41.513747Z","last_seen":"2025-08-02T12:22:41.513747Z","alert_count":5,"request_count":5,"received_data":137836,"sent_data":3152,"comment":"","tags":null,"fingerprints":[{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"ms-13.feelmyfashion.com/","fqdn":"ms-13.feelmyfashion.com","domain":"feelmyfashion.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-08-02T12:22:19.028Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"feelmyfashion.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 30 Jul 2025 16:11:10 GMT","end":"Tue, 28 Oct 2025 17:09:17 GMT"},"fingerprint":{"sha1":"7B:79:A4:60:2E:0A:E0:A4:F0:2D:40:1A:C8:C4:D0:67:09:E8:79:A0","sha256":"90:97:D1:79:5A:75:C7:11:25:23:D4:87:02:C8:2B:A1:42:D9:43:D5:19:54:2F:8B:DD:D4:21:6F:79:65:FA:33"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: ms-13.feelmyfashion.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Sat, 02 Aug 2025 12:22:19 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=C3CL%2FDcSRez2FcMYrx9XP1Rx3fyjsAf%2BOGXEOcb2raOOV72mY2PFmAXsQY31h5Y8ltm8Gq2jPzqaP92Z0ifXFEDKISv7aUMNDCChi6y5z37Kj4IiUQ%3D%3D\"}]}\r\nvary: accept-encoding\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nstrict-transport-security: max-age=7776000; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nset-cookie: PHPSESSID=l8m3r3ad2tl3ovfadm0qbu5oj1; HttpOnly; Path=/\n_csrf=00eff4b7bca90f29e9d5872060bb2f78a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22bkW3OWevcuIK08KBiJG_IObyIqv4b7gB%22%3B%7D; HttpOnly; SameSite=Lax; Path=/\r\ncf-ray: 968d8a4129cab4ff-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":1013,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"34d23aea706bbac08963e66371bc9576","sha1":"29535af18d2ab268b7cd93c5621e2d1ecc83bf73","sha256":"3766963bf7dae4dd0430e04fe62a0ac615d6c9b6d670f1af5feb25ad97d581a5","sha512":"557c40bf8ddb6ea1d95253d1c103e3b850352e33cff3513b46042743affbe1fd3eea8b0906bcf5fdaa5569ae135226622c7447a69732bf9d8b14c06ec90f0c6c","ssdeep":"","tlshash":"3a11104ed0d1091a51a182703fd6b3069f8b99678aa7194072ce968a6fdae86cdb3448","first_seen":"2025-08-02T12:22:42.386016Z","last_seen":"2025-08-02T12:22:42.386016Z","times_seen":1,"resource_available":false,"data":null}},"time_used":202,"timings":{"blocked":38,"dns":14,"connect":1,"send":0,"wait":126,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-02","alert":"Sinkholed","trigger":"ms-13.feelmyfashion.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ms-13.feelmyfashion.com/media/bootstrap/css/bootstrap.min.css?v=1672876665","fqdn":"ms-13.feelmyfashion.com","domain":"feelmyfashion.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ms-13.feelmyfashion.com/","date":"2025-08-02T12:22:19.454Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"feelmyfashion.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 30 Jul 2025 16:11:10 GMT","end":"Tue, 28 Oct 2025 17:09:17 GMT"},"fingerprint":{"sha1":"7B:79:A4:60:2E:0A:E0:A4:F0:2D:40:1A:C8:C4:D0:67:09:E8:79:A0","sha256":"90:97:D1:79:5A:75:C7:11:25:23:D4:87:02:C8:2B:A1:42:D9:43:D5:19:54:2F:8B:DD:D4:21:6F:79:65:FA:33"}}},"request":{"raw":"GET /media/bootstrap/css/bootstrap.min.css?v=1672876665 HTTP/1.1\r\nHost: ms-13.feelmyfashion.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ms-13.feelmyfashion.com/\r\nCookie: PHPSESSID=l8m3r3ad2tl3ovfadm0qbu5oj1; _csrf=00eff4b7bca90f29e9d5872060bb2f78a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22bkW3OWevcuIK08KBiJG_IObyIqv4b7gB%22%3B%7D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 02 Aug 2025 12:22:19 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Wed, 04 Jan 2023 23:57:45 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qawrGZ9%2F5c1cyWmyCJ8C9F6m15waY7ld8TodUzcxY8R3T%2BvygKw%2F%2F6tBNcgH3adGyW1jBAIaykDE%2FYZ454r8awW7UILwaPqLMdcI477D08ddfmwKVQ%3D%3D\"}]}\r\nvary: accept-encoding\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"63b61279-1d96e\"\r\ncontent-encoding: br\r\ncf-ray: 968d8a438c96b4ff-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":121198,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65371)","md5":"c67c11ef3a9723f5c2d7968b65cf0b50","sha1":"0aa2e67df54be24902e60e6b8dee78c27831b3d2","sha256":"542844c78b550dd2ddc43bfdb1c4b7e024a72689f5473814a59e25936a235510","sha512":"26077fe02c222b5775c2d55f4efeeb3c04722810f1091a28b12a103c041ca4ed55caa2582b868de4d4883c363dadfa9144262fa027781ca52b3d5bb3b98b0bea","ssdeep":"768:Vy3Gxw/Vc/QWlJxtQhIuiHl15mzI4X8OAduFKbv2ctg2Bd8JP7ecQVvH1FS:nw/a1YIuiHl15mN8lDbNmPbh","tlshash":"91c3c7a0f21031ea7333c55a75d0ed872219a153e56a4fb7f22f25d88f845ca1673f1a","first_seen":"2023-05-16T22:50:38Z","last_seen":"2026-03-28T05:50:40.710448Z","times_seen":135,"resource_available":false,"data":null}},"time_used":146,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":146,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-02","alert":"Sinkholed","trigger":"ms-13.feelmyfashion.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ms-13.feelmyfashion.com/media/manage/css/site.css?v=1724852412","fqdn":"ms-13.feelmyfashion.com","domain":"feelmyfashion.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ms-13.feelmyfashion.com/","date":"2025-08-02T12:22:19.456Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"feelmyfashion.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 30 Jul 2025 16:11:10 GMT","end":"Tue, 28 Oct 2025 17:09:17 GMT"},"fingerprint":{"sha1":"7B:79:A4:60:2E:0A:E0:A4:F0:2D:40:1A:C8:C4:D0:67:09:E8:79:A0","sha256":"90:97:D1:79:5A:75:C7:11:25:23:D4:87:02:C8:2B:A1:42:D9:43:D5:19:54:2F:8B:DD:D4:21:6F:79:65:FA:33"}}},"request":{"raw":"GET /media/manage/css/site.css?v=1724852412 HTTP/1.1\r\nHost: ms-13.feelmyfashion.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ms-13.feelmyfashion.com/\r\nCookie: PHPSESSID=l8m3r3ad2tl3ovfadm0qbu5oj1; _csrf=00eff4b7bca90f29e9d5872060bb2f78a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22bkW3OWevcuIK08KBiJG_IObyIqv4b7gB%22%3B%7D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 02 Aug 2025 12:22:19 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Wed, 28 Aug 2024 13:40:12 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=P22jDE%2FH1awE4MHktPTVM48w1KpT7sto6sE%2FLdGp%2FNP5bF18cxOVi%2FvtYsMpJKFQ6%2Bo%2BZ8U3p8uTgb5YFmlbDJ8pO14N3kci3N%2F5IgYgI5PFxwnFGg%3D%3D\"}]}\r\nvary: accept-encoding\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"66cf28bc-24e0\"\r\ncontent-encoding: br\r\ncf-ray: 968d8a438c9bb4ff-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9440,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, ASCII text","md5":"35f8a62189a06f32713b07057c57fe63","sha1":"2aa62bcd9340489be54aca514f42659a19355cb4","sha256":"b87aa804a9cf8e3bdf592c2cb55dde0c2b7beeee531aff90c98664db0c7b0236","sha512":"a2c8d4a006f4d097e337384b7e7f2a6481ced8eb9780d3294a1e714c01f2de55fe787b21b41bfffb98ef238b3e49a09f07e3ac91a3f486186cc4c5e5bb87b551","ssdeep":"192:BIgoTtKNaKeTT4F/hF22hzz8e0pBZ24zSqULJC5PvO7ULUp9:68yEFZFxhzz8vws2","tlshash":"26121003f7a7298af70565552a3bb399630c41878eabc5747f8cab18cf4e2958371b4c","first_seen":"2025-04-15T08:32:10.494292Z","last_seen":"2026-03-28T05:50:40.709857Z","times_seen":131,"resource_available":false,"data":null}},"time_used":123,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":123,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-02","alert":"Sinkholed","trigger":"ms-13.feelmyfashion.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ms-13.feelmyfashion.com/","fqdn":"ms-13.feelmyfashion.com","domain":"feelmyfashion.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-08-02T12:22:19.308Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"feelmyfashion.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 30 Jul 2025 16:11:10 GMT","end":"Tue, 28 Oct 2025 17:09:17 GMT"},"fingerprint":{"sha1":"7B:79:A4:60:2E:0A:E0:A4:F0:2D:40:1A:C8:C4:D0:67:09:E8:79:A0","sha256":"90:97:D1:79:5A:75:C7:11:25:23:D4:87:02:C8:2B:A1:42:D9:43:D5:19:54:2F:8B:DD:D4:21:6F:79:65:FA:33"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: ms-13.feelmyfashion.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=l8m3r3ad2tl3ovfadm0qbu5oj1; _csrf=00eff4b7bca90f29e9d5872060bb2f78a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22bkW3OWevcuIK08KBiJG_IObyIqv4b7gB%22%3B%7D\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Sat, 02 Aug 2025 12:22:19 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FCrnFImshy9HJEAixZWPhyPk9xM76lqYeCZ4%2FBQqHhZ6NIDNRYEEoqk4MDkqKSDNpUg8ami4reyOUB8DPrFl%2F%2FB%2BYuOApbgIZIB5wc6KqNfOBkgw2A%3D%3D\"}]}\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nstrict-transport-security: max-age=7776000; includeSubDomains\r\nvary: accept-encoding\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 968d8a42abadb4ff-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1013,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"219cd24c8c2e1dd2da0311467edca9b1","sha1":"23fa925757daa793606eda96424d5dd6a9d3895c","sha256":"54c59ec86092b7ad37be496234aed60a9d01478264037fde559e55774c6529af","sha512":"d9e14491732ec963795823ef2b71fd21ceaa9b43a9c42e026301716d1406f5ffdfe23f272b96a34fa8ac6dcbb3758fa82196bc62c49051f72ca4b6f214a0056e","ssdeep":"","tlshash":"b011104e95d2091b41a142303fd67305dfd68923caab291073de564b6fd9ec7cca344c","first_seen":"2025-08-02T12:22:42.391753Z","last_seen":"2025-08-02T12:22:42.391753Z","times_seen":1,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-02","alert":"Sinkholed","trigger":"ms-13.feelmyfashion.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ms-13.feelmyfashion.com/favicon.ico?b=12","fqdn":"ms-13.feelmyfashion.com","domain":"feelmyfashion.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ms-13.feelmyfashion.com/","date":"2025-08-02T12:22:19.649Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"feelmyfashion.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 30 Jul 2025 16:11:10 GMT","end":"Tue, 28 Oct 2025 17:09:17 GMT"},"fingerprint":{"sha1":"7B:79:A4:60:2E:0A:E0:A4:F0:2D:40:1A:C8:C4:D0:67:09:E8:79:A0","sha256":"90:97:D1:79:5A:75:C7:11:25:23:D4:87:02:C8:2B:A1:42:D9:43:D5:19:54:2F:8B:DD:D4:21:6F:79:65:FA:33"}}},"request":{"raw":"GET /favicon.ico?b=12 HTTP/1.1\r\nHost: ms-13.feelmyfashion.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ms-13.feelmyfashion.com/\r\nCookie: PHPSESSID=l8m3r3ad2tl3ovfadm0qbu5oj1; _csrf=00eff4b7bca90f29e9d5872060bb2f78a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22bkW3OWevcuIK08KBiJG_IObyIqv4b7gB%22%3B%7D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 02 Aug 2025 12:22:19 GMT\r\ncontent-type: image/x-icon\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=Sl6t7bwnBkO%2BbUGSNGwfI72GDQT20lqgrsF%2FrdtTu%2F6J9GhWTiWkeOtvwX1iSiEA4vmvIp2rfmGm0mJo2fnvjYEUegd8292LhPS%2FkBzIgua00zdthor5J3zERwDNKZVfAUrtDpChjJUhYA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nlast-modified: Wed, 04 Jan 2023 23:57:45 GMT\r\netag: W/\"63b61279-47e\"\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\ncontent-encoding: br\r\ncf-ray: 968d8a44dbbd0afe-OSL\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=2000\u0026min_rtt=496\u0026rtt_var=1821\u0026sent=131\u0026recv=176\u0026lost=0\u0026retrans=0\u0026sent_bytes=11583\u0026recv_bytes=10088\u0026delivery_rate=648128\u0026ss_exit_cwnd=14928\u0026ss_exit_reason=2\u0026cwnd=14000\u0026unsent_bytes=0\u0026cid=0e01278ccb61f169\u0026ts=582\u0026inflight_dur=30\u0026x=40\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1150,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel","md5":"0b7233ec371d986513de31b1b8321133","sha1":"716dfe9fd02bd353a45e8a00694ac8386f875572","sha256":"4f058f01e35c0abfdf4985c78cf605974b50b56d6c1518e4b97dfbaa06c00050","sha512":"62d2d81214ec1036b26e8a887b736dbf9b8c4975472f3d9ade5b7776ce5acffdb6a2ab3071606f6f0fea194eb22139ecbdabc9b3e52a5a38c5bd12c3bc1d2fa8","ssdeep":"","tlshash":"212162c9f7924636d4a05b70452a590705535c74fe2bfa08ef1cf8bd893b4c824e2a29","first_seen":"2023-05-16T22:50:38Z","last_seen":"2026-03-28T05:50:40.711012Z","times_seen":161,"resource_available":false,"data":null}},"time_used":132,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":132,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-02","alert":"Sinkholed","trigger":"ms-13.feelmyfashion.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}