{"report_id":"b17f064a-5d9e-4030-a50b-6d1f0c6d44a9","version":6,"status":"done","tags":[],"date":"2026-02-14T16:54:36Z","url":{"schema":"http","addr":"feetcult.top","fqdn":"feetcult.top","domain":"feetcult.top","tld":"top"},"ip":{"addr":"45.67.85.152","port":0,"asn":203363,"as":"Kuroit Limited","country":"United Kingdom","country_code":"GB"},"final":{"url":{"schema":"https","addr":"feetcult.top/","fqdn":"feetcult.top","domain":"feetcult.top","tld":"top"},"title":"Access Denied","dom":{"size":2510,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (407)","md5":"b62f9f1091309a207cf60823fc706671","sha1":"4e7ba508d2bf7495d017245404cc182d36e23712","sha256":"ed32b3f891cc89f39c395b16ab00782493e5cf04eaf67d5f254b8258bd1a833c","sha512":"af6e8783f0faa5fceffaded73d4a4a2b70771c02261d635c32e4407e5134514ffb787278b1884c36b027f1cc8e2a0aff93da9a9e85e78c7155b9c44c4c787bce","ssdeep":"","tlshash":"53510091c74c98a7d20f29e63d2d22d0596f4cb369538abebc73a268d1cc14c877e574","dom_hash":"domhashe098ce54483489ba9d96a11ca86dfe19","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"feetcult.top","fqdn":"feetcult.top","domain":"feetcult.top","tld":"top"},"ip":{"addr":"45.67.85.152","port":0,"asn":203363,"as":"Kuroit Limited","country":"United Kingdom","country_code":"GB"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-21T16:54:36Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"feetcult.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"feetcult.top","ip":{"addr":"45.67.85.152","port":443,"asn":203363,"as":"Kuroit Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2026-02-06","domain_rank":0,"first_seen":"2026-02-14T16:50:05.631861Z","last_seen":"2026-02-14T16:50:05.631861Z","alert_count":2,"request_count":2,"received_data":5927,"sent_data":912,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"feetcult.top/","fqdn":"feetcult.top","domain":"feetcult.top","tld":"top"},"ip":{"addr":"45.67.85.152","port":443,"asn":203363,"as":"Kuroit Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-14T16:54:14.824Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"feetcult.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 18:59:17 GMT","end":"Thu, 07 May 2026 18:59:16 GMT"},"fingerprint":{"sha1":"2A:09:63:B4:34:4A:97:A5:22:1D:79:27:B4:55:1A:44:99:A2:40:B5","sha256":"26:A1:8F:25:0A:26:78:AB:BB:48:92:30:9D:32:00:30:42:67:B8:89:E1:0C:59:F3:0C:38:61:1B:9E:E3:98:AD"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: feetcult.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 14 Feb 2026 16:54:14 GMT\r\ncontent-type: text/html; charset=utf-8\r\nlast-modified: Tue, 22 Jul 2025 04:35:05 GMT\r\nvary: Accept-Encoding\r\netag: W/\"687f14f9-a10\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2576,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (394)","md5":"795dec8c6ee1ef7607739b35d42fbba9","sha1":"89918823d34704b2b289ac0e7b2572b48b2422b1","sha256":"2f1f4ee6d3e2ddcafe82fdefd4a29fba144f54b9a0136eecebb95f7679fdabf4","sha512":"d89c04ecda1fe40e22c6138b464b8376dac019ce17930e68461e4f5284eb1807c541c848262a3a368bc8c34d5cbf2c3ca21a07b409db0cdf6e176c8867e32809","ssdeep":"","tlshash":"e651ffd1c74c9897d20a28e63d2d22d0596f4cb669938abebc73a264d5cc14c877e174","first_seen":"2025-04-12T21:27:21.464337Z","last_seen":"2026-06-01T23:48:02.04268Z","times_seen":54,"resource_available":true,"data":null}},"time_used":217,"timings":{"blocked":92,"dns":0,"connect":33,"send":0,"wait":33,"receive":0,"ssl":56},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"feetcult.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"feetcult.top/favicon.ico","fqdn":"feetcult.top","domain":"feetcult.top","tld":"top"},"ip":{"addr":"45.67.85.152","port":443,"asn":203363,"as":"Kuroit Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://feetcult.top/","date":"2026-02-14T16:54:15.099Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"feetcult.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 18:59:17 GMT","end":"Thu, 07 May 2026 18:59:16 GMT"},"fingerprint":{"sha1":"2A:09:63:B4:34:4A:97:A5:22:1D:79:27:B4:55:1A:44:99:A2:40:B5","sha256":"26:A1:8F:25:0A:26:78:AB:BB:48:92:30:9D:32:00:30:42:67:B8:89:E1:0C:59:F3:0C:38:61:1B:9E:E3:98:AD"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: feetcult.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://feetcult.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Sat, 14 Feb 2026 16:54:15 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\netag: W/\"69864c89-b52\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2898,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (634)","md5":"f01ba522c3539135df33250082846848","sha1":"af31de06cf3d07cf83f104af8755b0cc5222ffc6","sha256":"2e8deb28946a6b41ccb927eaa43bbaa78ea82cef39a40638f2e5afa8e90e73ca","sha512":"5ca1b1d3c6f8e1948574a743bd6f58d9f430f9a576c9e656958dda81546a6b0baf0c02ff1b084640351a2bc44ba644e0f671aef0e2ff30981feec2af47764ee6","ssdeep":"","tlshash":"08515194c71c649fd35e24e6293e22c0282f8cb669a3ce7bbc77b174d6c800c87395a5","first_seen":"2025-04-07T04:58:47.339843Z","last_seen":"2026-06-07T07:44:09.829373Z","times_seen":6600,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"feetcult.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}