{"report_id":"3574c1ed-b8dd-409d-9f31-4b34bffef44a","version":6,"status":"done","tags":[],"date":"2025-10-04T09:24:56Z","url":{"schema":"http","addr":"www.zuriearth.co.ke/","fqdn":"www.zuriearth.co.ke","domain":"zuriearth.co.ke","tld":"co.ke"},"ip":{"addr":"198.251.89.82","port":0,"asn":53667,"as":"PONYNET","country":"Luxembourg","country_code":"LU"},"final":{"url":{"schema":"https","addr":"www.zuriearth.co.ke/","fqdn":"www.zuriearth.co.ke","domain":"zuriearth.co.ke","tld":"co.ke"},"title":"Database Error"},"submit":{"url":{"schema":"http","addr":"www.zuriearth.co.ke/","fqdn":"www.zuriearth.co.ke","domain":"zuriearth.co.ke","tld":"co.ke"},"ip":{"addr":"198.251.89.82","port":0,"asn":53667,"as":"PONYNET","country":"Luxembourg","country_code":"LU"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-08T09:24:56Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-04","alert":"Sinkholed","trigger":"www.zuriearth.co.ke","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"www.zuriearth.co.ke","ip":{"addr":"198.251.89.82","port":443,"asn":53667,"as":"PONYNET","country":"Luxembourg","country_code":"LU"},"domain_registered":"2025-09-13","domain_rank":0,"first_seen":"2025-10-04T09:24:56.618187Z","last_seen":"2025-10-04T09:24:56.618187Z","alert_count":2,"request_count":2,"received_data":4456,"sent_data":933,"comment":"","tags":null,"fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"www.zuriearth.co.ke/favicon.ico","fqdn":"www.zuriearth.co.ke","domain":"zuriearth.co.ke","tld":"co.ke"},"ip":{"addr":"198.251.89.82","port":443,"asn":53667,"as":"PONYNET","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.zuriearth.co.ke/","date":"2025-10-04T09:24:34.266Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zuriearth.co.ke","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 13 Sep 2025 07:43:51 GMT","end":"Fri, 12 Dec 2025 07:43:50 GMT"},"fingerprint":{"sha1":"3D:61:5D:3A:DE:6F:37:18:B4:E8:DF:FD:83:F7:2E:36:C7:27:9B:83","sha256":"AB:6E:51:1B:27:64:01:AC:5B:F8:39:AC:E6:13:28:5E:E5:19:18:8C:EA:CA:31:6A:35:15:C8:81:D4:BC:44:79"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.zuriearth.co.ke\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.zuriearth.co.ke/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\ncontent-length: 1251\r\ndate: Sat, 04 Oct 2025 09:24:34 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1251,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"8150f458ed6fb9b1db4e5cfa57a1a281","sha1":"6e5726854d28687b560d7fdcb5c782c425c7dfb9","sha256":"4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896","sha512":"4cc6a112673aef8bb8bb8a385c26791b805d43bb707b509880e894f1c83bab4e16f13de187036c5f660c3bec1d286258396b7bde65c5d7945c5019665196818c","ssdeep":"","tlshash":"c021353ec1c1560ae0271164fbc1f7a86669825291970f703b9eb176f6cd0bb56a36c8","first_seen":"2024-02-08T16:48:55Z","last_seen":"2026-04-04T15:49:14.640366Z","times_seen":115725,"resource_available":true,"data":null}},"time_used":79,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":79,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-04","alert":"Sinkholed","trigger":"www.zuriearth.co.ke","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.zuriearth.co.ke/","fqdn":"www.zuriearth.co.ke","domain":"zuriearth.co.ke","tld":"co.ke"},"ip":{"addr":"198.251.89.82","port":443,"asn":53667,"as":"PONYNET","country":"Luxembourg","country_code":"LU"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-04T09:24:33.912Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zuriearth.co.ke","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 13 Sep 2025 07:43:51 GMT","end":"Fri, 12 Dec 2025 07:43:50 GMT"},"fingerprint":{"sha1":"3D:61:5D:3A:DE:6F:37:18:B4:E8:DF:FD:83:F7:2E:36:C7:27:9B:83","sha256":"AB:6E:51:1B:27:64:01:AC:5B:F8:39:AC:E6:13:28:5E:E5:19:18:8C:EA:CA:31:6A:35:15:C8:81:D4:BC:44:79"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.zuriearth.co.ke\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 500 Internal Server Error\r\ncontent-type: text/html; charset=UTF-8\r\nexpires: Wed, 11 Jan 1984 05:00:00 GMT\r\ncache-control: no-cache, must-revalidate, max-age=0, no-store, private\r\ncontent-length: 905\r\ncontent-encoding: br\r\nvary: Accept-Encoding,User-Agent\r\ndate: Sat, 04 Oct 2025 09:24:34 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"500","status_text":"Internal Server Error","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2431,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"ce763eb421409984709946b2a55fe330","sha1":"ebf9eace0401ec57fb2cf1d6816577e0bb930576","sha256":"09f08fb2cfbbd4a82b3af5a50f2cf5de3639d6c81970de22919bcec893baa429","sha512":"83ab8b57bff9ec892527d7437e4ad2a176f1bac7df44df07fc30a62728f4fe73927857367d7460ade2a0b626b8af8a800a1f38ec17d4295552513ac1b761e130","ssdeep":"","tlshash":"6c410f26bb0c100f62168c947935f7d2660f523785180ebbbc609538dfc52789eb6bbc","first_seen":"2024-11-18T00:23:01.887877Z","last_seen":"2026-04-02T21:45:31.446891Z","times_seen":610,"resource_available":true,"data":null}},"time_used":436,"timings":{"blocked":161,"dns":0,"connect":79,"send":0,"wait":114,"receive":0,"ssl":81},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-04","alert":"Sinkholed","trigger":"www.zuriearth.co.ke","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}