{"report_id":"0d1f5821-a847-4e80-990e-3228b7228134","version":6,"status":"done","tags":[],"date":"2025-12-29T00:38:05Z","url":{"schema":"http","addr":"gydoo.in/","fqdn":"gydoo.in","domain":"gydoo.in","tld":"in"},"ip":{"addr":"172.67.166.155","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"gydoo.in/","fqdn":"gydoo.in","domain":"gydoo.in","tld":"in"},"title":"gydoo.in/","dom":{"size":39,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"086707e4369f60afedcafb16050a7618","sha1":"8216b0cc6876cbd44f01c158e7dff3833ceccd41","sha256":"a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e","sha512":"aade21843813e2cab329b99185c6f61db7907a556ea974e0315dcf3ad967cab20fee66d4f10db0d0ec43a71e086ce6d700d5524103deaefa3ce5f6be74ba5737","ssdeep":"","tlshash":"6a9000fee0a2000efc303bc00cc2238a0c28c3a830028e002ac038b8c80822bcc032c8","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"gydoo.in/","fqdn":"gydoo.in","domain":"gydoo.in","tld":"in"},"ip":{"addr":"172.67.166.155","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-02T00:38:05Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-29","alert":"Sinkholed","trigger":"gydoo.in","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"gydoo.in","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2025-12-29T00:38:05.993446Z","last_seen":"2025-12-29T00:38:05.993446Z","alert_count":2,"request_count":2,"received_data":16704,"sent_data":920,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"gydoo.in/","fqdn":"gydoo.in","domain":"gydoo.in","tld":"in"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-29T00:37:43.468Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gydoo.in","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 28 Dec 2025 06:04:23 GMT","end":"Sat, 28 Mar 2026 07:01:42 GMT"},"fingerprint":{"sha1":"11:9B:47:B9:E5:F2:A6:FA:83:62:D9:FD:31:53:05:5A:93:EB:0F:73","sha256":"DB:EA:3E:E3:28:A7:42:42:F5:17:CD:98:5A:0E:27:C2:33:0F:A0:67:CC:B2:97:FE:F3:2F:28:76:F5:FD:65:B4"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: gydoo.in\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 500 Internal Server Error\r\ndate: Mon, 29 Dec 2025 00:37:43 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nset-cookie: dmverify=9; expires=Mon, 29-Dec-2025 01:37:43 GMT; Max-Age=3600; path=/\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IMFbi1vWEZYE9G4sX2JzNQAftvR3xRLOFTIGWelFA66S4b6v9h5WAQrSyoNVhLyrAcnOxtkOOv58cZI2Je8wi3pWtgH%2BGA%3D%3D\"}]}\r\ncf-ray: 9b553b031d5656b1-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"500","status_text":"Internal Server Error","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-21T17:23:37.112312Z","times_seen":15507115,"resource_available":true,"data":null}},"time_used":581,"timings":{"blocked":68,"dns":47,"connect":1,"send":0,"wait":445,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-29","alert":"Sinkholed","trigger":"gydoo.in","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gydoo.in/favicon.ico","fqdn":"gydoo.in","domain":"gydoo.in","tld":"in"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gydoo.in/","date":"2025-12-29T00:37:44.129Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gydoo.in","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 28 Dec 2025 06:04:23 GMT","end":"Sat, 28 Mar 2026 07:01:42 GMT"},"fingerprint":{"sha1":"11:9B:47:B9:E5:F2:A6:FA:83:62:D9:FD:31:53:05:5A:93:EB:0F:73","sha256":"DB:EA:3E:E3:28:A7:42:42:F5:17:CD:98:5A:0E:27:C2:33:0F:A0:67:CC:B2:97:FE:F3:2F:28:76:F5:FD:65:B4"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: gydoo.in\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gydoo.in/\r\nCookie: dmverify=9\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 29 Dec 2025 00:37:44 GMT\r\ncontent-type: image/x-icon\r\nserver: cloudflare\r\nlast-modified: Mon, 25 Dec 2023 03:49:01 GMT\r\nvary: accept-encoding\r\nstrict-transport-security: max-age=31536000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FyLeIqnIyJf11lq5X7yoqMkewNO3EO%2F41b3WY%2FjXqMu7B1TPm3dkRMp3FTfqVurJrzPAl%2BS3zSvPjHCH0erEjrtTLu%2FadQ%3D%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"6588fbad-3c2e\"\r\ncontent-encoding: br\r\ncf-ray: 9b553b06cf6b56b1-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15406,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"a827021f26610999e782ff06b3b196bb","sha1":"610d3a79eb505af808025165942c506687131d62","sha256":"00450e86c07076a2bbbe578b62b3560fc20b10b939d3ee0476874e00da6bc26a","sha512":"580c52ce6d37f88dae1933b10ae82b6e2bf0ff38fc8e66dc1538c857d31df401816a12643b16afa3453b1b64978d4ceef5be6bc07df12b60d797ff7f7daa9fd8","ssdeep":"192:Hcp/0HgiiIiiyiiivic53X4N4iii2iiiiiMiiiiii7iiiiiJiiiiiMiJc:QeDN","tlshash":"fb62cf2254c8bf05eb233f74e82efba081f406857756043b16afbd83d09e756995c726","first_seen":"2025-11-28T12:50:33.391762Z","last_seen":"2025-12-29T00:38:09.221685Z","times_seen":2,"resource_available":false,"data":null}},"time_used":356,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":356,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-29","alert":"Sinkholed","trigger":"gydoo.in","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}