Report - padmv.gov-dfbm.cfd/pay/

Report Overview

Visited public
2025-06-02 10:48:15
Tags
URL
padmv.gov-dfbm.cfd/pay/
Finishing URL
padmv.gov-dfbm.cfd/pay/
IP / ASN
49.51.75.162
#132203 Tencent Building, Kejizhongyi Avenue
Title
Driver Services

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
siteintercept.qualtrics.com	1163	2000-03-30	2012-05-22	2025-05-30	4.0 kB	60 kB	104.17.208.240
www.gstatic.com	unknown	2008-02-11	2012-05-29	2025-05-28	935 B	4.1 kB	142.250.178.35
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-05-28	457 B	7.1 kB	142.250.178.67
padmv.gov-dfbm.cfd	unknown	2025-05-31	2025-06-02	2025-06-02	4.7 kB	2.8 MB	49.51.75.162

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (2)

	URL	From	Size	First Seen	Last Seen
	padmv.gov-dfbm.cfd/pay/	ScriptElement	314 B	2023-03-11	2025-06-10
Pretty URL padmv.gov-dfbm.cfd/pay/ IP 49.51.75.162 ASN #132203 Tencent Building, Kejizhongyi Avenue Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-11 11:23 Last Seen2025-06-10 04:01 Times Seen5415 Hash cd7a34e714de94d5c29b8ac5acdde24b b722bccb435490630d97ef88cafeb02d92f70fd0 312ebfdc50a0e168cff60c206811b02e944263a7d9060c2685509dacfacd7f71 Loading...

	padmv.gov-dfbm.cfd/pay/	ScriptElement	84 B	2023-04-07	2025-06-10
Pretty URL padmv.gov-dfbm.cfd/pay/ IP 49.51.75.162 ASN #132203 Tencent Building, Kejizhongyi Avenue Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-07 06:55 Last Seen2025-06-10 04:01 Times Seen13976 Hash 528dd01eb509d1fc3c68b48e165c9d77 8d702f33d869eb8c53cf75c17014f96385322395 b508dff20bdbd9138e31aa48c45bc501805e509d2fd4709b39c4a60cd5c6b43a Loading...

HTTP Transactions (21)

	URL	IP	Response	Size
	padmv.gov-dfbm.cfd/pay/assets/BHcjXi3x.gif	49.51.75.162	200	60 kB
URL GET padmv.gov-dfbm.cfd/pay/assets/BHcjXi3x.gif IP 49.51.75.162:443 ASN #132203 Tencent Building, Kejizhongyi Avenue Requested by https://padmv.gov-dfbm.cfd/pay/ Certificate IssuerLet's Encrypt Subjectpadmv.gov-dfbm.cfd Fingerprint99:38:9A:30:34:44:D2:0C:A9:99:28:DB:9D:93:E7:5D:C8:DE:F6:6F ValiditySat, 31 May 2025 12:00:12 GMT - Fri, 29 Aug 2025 12:00:11 GMT File type GIF image data, version 89a, 256 x 256 Size 60 kB (59994 bytes) Hash fadd89694f57f3d6143989b62b09b288 1c6d340af3c4b392538a96c9313136fb23087aa0 7515437df23c4af47700948c1650f0f9460da07e86a9447d33cfda1f36c91052 HTTP Headers `GET /pay/assets/BHcjXi3x.gif HTTP/1.1 Host: padmv.gov-dfbm.cfd User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://padmv.gov-dfbm.cfd/pay/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 Server: nginx/1.27.4 Date: Mon, 02 Jun 2025 10:47:56 GMT Content-Type: image/gif Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding Strict-Transport-Security: max-age=31536000; includeSubDomains Content-Encoding: gzip`

	padmv.gov-dfbm.cfd/pay/assets/C18UmYZN.js	49.51.75.162	200	1.2 MB
URL GET padmv.gov-dfbm.cfd/pay/assets/C18UmYZN.js IP 49.51.75.162:443 ASN #132203 Tencent Building, Kejizhongyi Avenue Requested by https://padmv.gov-dfbm.cfd/pay/ Certificate IssuerLet's Encrypt Subjectpadmv.gov-dfbm.cfd Fingerprint99:38:9A:30:34:44:D2:0C:A9:99:28:DB:9D:93:E7:5D:C8:DE:F6:6F ValiditySat, 31 May 2025 12:00:12 GMT - Fri, 29 Aug 2025 12:00:11 GMT File type JavaScript source, ASCII text, with very long lines (30711) Size 1.2 MB (1244290 bytes) Hash 730076443e6453d416d2309333669a58 9a1e277bc430a2aee19f57d35fa3529356a07026 983aca46f8c45e8cc134736d65377f3c17cbd7e6b1c07e3318a5c6e5b7c27289 HTTP Headers `GET /pay/assets/C18UmYZN.js HTTP/1.1 Host: padmv.gov-dfbm.cfd User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://padmv.gov-dfbm.cfd/pay/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 Server: nginx/1.27.4 Date: Mon, 02 Jun 2025 10:47:55 GMT Content-Type: application/javascript Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding Strict-Transport-Security: max-age=31536000; includeSubDomains Content-Encoding: gzip`

	padmv.gov-dfbm.cfd/pay/assets/BkBiYrmZ.svg	49.51.75.162	200	33 kB
URL GET padmv.gov-dfbm.cfd/pay/assets/BkBiYrmZ.svg IP 49.51.75.162:443 ASN #132203 Tencent Building, Kejizhongyi Avenue Requested by https://padmv.gov-dfbm.cfd/pay/ Certificate IssuerLet's Encrypt Subjectpadmv.gov-dfbm.cfd Fingerprint99:38:9A:30:34:44:D2:0C:A9:99:28:DB:9D:93:E7:5D:C8:DE:F6:6F ValiditySat, 31 May 2025 12:00:12 GMT - Fri, 29 Aug 2025 12:00:11 GMT File type SVG Scalable Vector Graphics image Size 33 kB (32840 bytes) Hash 684282643209b6d8a2b3827b2ce26105 5bed687de1e819ea473ea81ed9086664018b8405 8a33fbc38f1b90ed91653f4c31d877c70ceda48a5b7592e13e3e0c22db906fd3 HTTP Headers `GET /pay/assets/BkBiYrmZ.svg HTTP/1.1 Host: padmv.gov-dfbm.cfd User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://padmv.gov-dfbm.cfd/pay/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 Server: nginx/1.27.4 Date: Mon, 02 Jun 2025 10:47:57 GMT Content-Type: image/svg+xml Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding Strict-Transport-Security: max-age=31536000; includeSubDomains Content-Encoding: gzip`

	siteintercept.qualtrics.com/static/q-siteintercept/1e7148085d17fcd23645f6c087cd44562b7c9707/img/remove_screen_capture.png	104.17.208.240	301 Moved Permanently	748 B
URL GET siteintercept.qualtrics.com/static/q-siteintercept/1e7148085d17fcd23645f6c087cd44562b7c9707/img/remove_screen_capture.png IP 104.17.208.240:443 ASN #13335 CLOUDFLARENET Requested by https://padmv.gov-dfbm.cfd/pay/ Certificate IssuerDigiCert Inc Subject.qualtrics.com Fingerprint14:C9:A1:C5:70:5D:82:3F:EF:20:E9:12:CD:26:D9:C7:F8:83:68:D6 ValidityThu, 23 Jan 2025 00:00:00 GMT - Fri, 02 Jan 2026 23:59:59 GMT File type Size 748 B (748 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /static/q-siteintercept/1e7148085d17fcd23645f6c087cd44562b7c9707/img/remove_screen_capture.png HTTP/1.1 Host: siteintercept.qualtrics.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://padmv.gov-dfbm.cfd/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 301 Moved Permanently date: Mon, 02 Jun 2025 10:47:57 GMT content-type: text/html; charset=utf-8 cache-control: public, max-age=31536000, immutable location: /static/q-siteintercept/.blob/9d6c0f82148c14dbcd5d160a26f1c17ff0680698_remove_screen_capture.png x-request-id: fb858979-102f-437c-b462-064393e27521 x-transaction-id: 7a345253-d552-4c45-986c-275b5cfe1dfe referrer-policy: strict-origin-when-cross-origin x-content-type-options: nosniff permissions-policy: camera=(), geolocation=(), microphone=() content-security-policy-report-only: frame-ancestors 'self' .qualtrics.com .my.salesforce.com .visualforce.com .visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report cf-cache-status: HIT age: 910976 vary: Accept-Encoding strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 9496602a1da01c16-OSL X-Firefox-Spdy: h2

	www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png	142.250.178.35	200 OK	910 B
URL GET www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png IP 142.250.178.35:443 ASN #15169 GOOGLE Requested by https://padmv.gov-dfbm.cfd/pay/ Certificate IssuerGoogle Trust Services Subject.gstatic.com Fingerprint41:FF:72:9C:74:6F:D4:D1:3B:A8:03:EB:55:D2:D2:09:7E:7A:44:DC ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT File type PNG image data, 42 x 16, 8-bit/color RGBA, non-interlaced Size 910 B (910 bytes) Hash efa6bb2bfe459bc6f4bdafa3db0383f6 52d15ce52fe50643e542c17812de43f4ed1b6ee0 6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2 HTTP Headers `GET /images/branding/googlelogo/1x/googlelogo_color_42x16dp.png HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://padmv.gov-dfbm.cfd/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable" report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-length: 910 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 29 May 2025 18:16:29 GMT expires: Fri, 29 May 2026 18:16:29 GMT cache-control: public, max-age=31536000 age: 318689 last-modified: Thu, 02 Nov 2023 22:48:00 GMT content-type: image/png vary: Origin alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg	142.250.178.67	200 OK	6.2 kB
URL GET fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg IP 142.250.178.67:443 ASN #15169 GOOGLE Requested by https://padmv.gov-dfbm.cfd/pay/ Certificate IssuerGoogle Trust Services Subject.gstatic.com Fingerprint41:FF:72:9C:74:6F:D4:D1:3B:A8:03:EB:55:D2:D2:09:7E:7A:44:DC ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT File type SVG Scalable Vector Graphics image Size 6.2 kB (6225 bytes) Hash 2bd5c073a88b83ed74db88282a56ddfb d0ebfc376f8c6a44a8d4cd216817dcd7d0c33650 ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09 HTTP Headers `GET /s/i/productlogos/translate/v14/24px.svg HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://padmv.gov-dfbm.cfd/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-length: 3340 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Sat, 31 May 2025 20:18:56 GMT expires: Sun, 31 May 2026 20:18:56 GMT cache-control: public, max-age=31536000 age: 138542 last-modified: Wed, 20 Apr 2022 14:24:23 GMT content-type: image/svg+xml vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	padmv.gov-dfbm.cfd/pay/favicon.ico	49.51.75.162	200	270 kB
URL GET padmv.gov-dfbm.cfd/pay/favicon.ico IP 49.51.75.162:443 ASN #132203 Tencent Building, Kejizhongyi Avenue Requested by https://padmv.gov-dfbm.cfd/pay/ Certificate IssuerLet's Encrypt Subjectpadmv.gov-dfbm.cfd Fingerprint99:38:9A:30:34:44:D2:0C:A9:99:28:DB:9D:93:E7:5D:C8:DE:F6:6F ValiditySat, 31 May 2025 12:00:12 GMT - Fri, 29 Aug 2025 12:00:11 GMT File type MS Windows icon resource - 1 icon, 256x256, 32 bits/pixel Size 270 kB (270398 bytes) Hash d26d2d93027e31147bf04a01f1afd7ae 9e3ec1fe5abd67ff93c1607f6f41ebcde2498265 fb7f5a254671a11c5bb8584e78eafc24bb8d6cfe22a71e79525ab6222569dd0f HTTP Headers `GET /pay/favicon.ico HTTP/1.1 Host: padmv.gov-dfbm.cfd User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://padmv.gov-dfbm.cfd/pay/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 Server: nginx/1.27.4 Date: Mon, 02 Jun 2025 10:47:58 GMT Content-Type: image/vnd.microsoft.icon Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding Strict-Transport-Security: max-age=31536000; includeSubDomains Content-Encoding: gzip`

	padmv.gov-dfbm.cfd/pay/	49.51.75.162	200	2.8 kB
URL User Request GET padmv.gov-dfbm.cfd/pay/ IP 49.51.75.162:443 ASN #132203 Tencent Building, Kejizhongyi Avenue Certificate IssuerLet's Encrypt Subjectpadmv.gov-dfbm.cfd Fingerprint99:38:9A:30:34:44:D2:0C:A9:99:28:DB:9D:93:E7:5D:C8:DE:F6:6F ValiditySat, 31 May 2025 12:00:12 GMT - Fri, 29 Aug 2025 12:00:11 GMT File type HTML document, Unicode text, UTF-8 text, with very long lines (433) Size 2.8 kB (2804 bytes) Hash 86c7736fcb4ad156be20cd1a887a786a f3fbf34006a8bf708dea234605fbc63f6ccc436a 5c7b246ec5b654c6ba0c86c89ba5cbaa61d68536efc32283da7694ed8e70b16d HTTP Headers `GET /pay/ HTTP/1.1 Host: padmv.gov-dfbm.cfd User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 Server: nginx/1.27.4 Date: Mon, 02 Jun 2025 10:47:55 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding Strict-Transport-Security: max-age=31536000; includeSubDomains Content-Encoding: gzip`

	padmv.gov-dfbm.cfd/pay/assets/fliceXIj.js	49.51.75.162	200	36 kB
URL GET padmv.gov-dfbm.cfd/pay/assets/fliceXIj.js IP 49.51.75.162:443 ASN #132203 Tencent Building, Kejizhongyi Avenue Requested by https://padmv.gov-dfbm.cfd/pay/ Certificate IssuerLet's Encrypt Subjectpadmv.gov-dfbm.cfd Fingerprint99:38:9A:30:34:44:D2:0C:A9:99:28:DB:9D:93:E7:5D:C8:DE:F6:6F ValiditySat, 31 May 2025 12:00:12 GMT - Fri, 29 Aug 2025 12:00:11 GMT File type JavaScript source, Unicode text, UTF-8 text, with very long lines (36238), with no line terminators Size 36 kB (36239 bytes) Hash c82404227f8a7b3ec4f1cd045b877053 b0508c956337a67b9757aa71b84c50f45b5fd353 f37b9fbacef7e636f2672d4e6e7fa01a2d61fb1d987cee42e6036f8bd1d07084 HTTP Headers `GET /pay/assets/fliceXIj.js HTTP/1.1 Host: padmv.gov-dfbm.cfd User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://padmv.gov-dfbm.cfd/pay/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 Server: nginx/1.27.4 Date: Mon, 02 Jun 2025 10:47:55 GMT Content-Type: application/javascript Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding Strict-Transport-Security: max-age=31536000; includeSubDomains Content-Encoding: gzip`

	padmv.gov-dfbm.cfd/pay/assets/BVvFtaex.woff2?t=1734404658139	49.51.75.162	200	177 kB
URL GET padmv.gov-dfbm.cfd/pay/assets/BVvFtaex.woff2?t=1734404658139 IP 49.51.75.162:443 ASN #132203 Tencent Building, Kejizhongyi Avenue Requested by https://padmv.gov-dfbm.cfd/pay/ Certificate IssuerLet's Encrypt Subjectpadmv.gov-dfbm.cfd Fingerprint99:38:9A:30:34:44:D2:0C:A9:99:28:DB:9D:93:E7:5D:C8:DE:F6:6F ValiditySat, 31 May 2025 12:00:12 GMT - Fri, 29 Aug 2025 12:00:11 GMT File type Web Open Font Format (Version 2), TrueType, length 176812, version 1.0 Size 177 kB (176812 bytes) Hash 9f0118b43f57fc3ea9f55bbfb3a3b185 f3ec7500bd2c615bba2de885d46bcaa91c20aa9b 7ea90bbc7c505b98dd7d3a089a6fa32067e353150192951cedb05e26820936cf HTTP Headers `GET /pay/assets/BVvFtaex.woff2?t=1734404658139 HTTP/1.1 Host: padmv.gov-dfbm.cfd User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity DNT: 1 Connection: keep-alive Referer: https://padmv.gov-dfbm.cfd/pay/assets/C0Zfn5GX.css Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 Server: nginx/1.27.4 Date: Mon, 02 Jun 2025 10:47:57 GMT Content-Type: application/octet-stream Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding Strict-Transport-Security: max-age=31536000; includeSubDomains`

	wss://padmv.gov-dfbm.cfd/front/im/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpZCI6NDE4MjN9.UfpG0xy0AnyVLE32iJEGR24WWf-hbZzzImaWWoGnbm4	49.51.75.162	101	0 B
URL GET wss://padmv.gov-dfbm.cfd/front/im/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpZCI6NDE4MjN9.UfpG0xy0AnyVLE32iJEGR24WWf-hbZzzImaWWoGnbm4 IP 49.51.75.162:443 ASN #132203 Tencent Building, Kejizhongyi Avenue Requested by https://padmv.gov-dfbm.cfd/pay/ Certificate IssuerLet's Encrypt Subjectpadmv.gov-dfbm.cfd Fingerprint99:38:9A:30:34:44:D2:0C:A9:99:28:DB:9D:93:E7:5D:C8:DE:F6:6F ValiditySat, 31 May 2025 12:00:12 GMT - Fri, 29 Aug 2025 12:00:11 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /front/im/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpZCI6NDE4MjN9.UfpG0xy0AnyVLE32iJEGR24WWf-hbZzzImaWWoGnbm4 HTTP/1.1 Host: padmv.gov-dfbm.cfd User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: https://padmv.gov-dfbm.cfd Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: cTtKCawdVWXrIbyhdG0tmA== DNT: 1 Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Server: nginx/1.27.4 Date: Mon, 02 Jun 2025 10:47:58 GMT Connection: upgrade Upgrade: websocket Sec-WebSocket-Accept: XIpELgfDendLE1UhKTUqOLTsfQI= Sec-WebSocket-Extensions: permessage-deflate Strict-Transport-Security: max-age=31536000; includeSubDomains`

	siteintercept.qualtrics.com/static/q-siteintercept/.blob/9d6c0f82148c14dbcd5d160a26f1c17ff0680698_remove_screen_capture.png	104.17.208.240	200 OK	748 B
URL GET siteintercept.qualtrics.com/static/q-siteintercept/.blob/9d6c0f82148c14dbcd5d160a26f1c17ff0680698_remove_screen_capture.png IP 104.17.208.240:443 ASN #13335 CLOUDFLARENET Requested by https://padmv.gov-dfbm.cfd/pay/ Certificate IssuerDigiCert Inc Subject.qualtrics.com Fingerprint14:C9:A1:C5:70:5D:82:3F:EF:20:E9:12:CD:26:D9:C7:F8:83:68:D6 ValidityThu, 23 Jan 2025 00:00:00 GMT - Fri, 02 Jan 2026 23:59:59 GMT File type PNG image data, 128 x 128, 8-bit gray+alpha, non-interlaced Size 748 B (748 bytes) Hash 3a8ecf5dff4233d9b9b8df806533fdc6 9e014447dadc656762be55a9512af34b538c0807 f864c78563fe88300f71a5c3e3c5dc5299094597365ce18eed758c0563100ef5 HTTP Headers GET /static/q-siteintercept/.blob/9d6c0f82148c14dbcd5d160a26f1c17ff0680698_remove_screen_capture.png HTTP/1.1 Host: siteintercept.qualtrics.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://padmv.gov-dfbm.cfd/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Mon, 02 Jun 2025 10:47:57 GMT content-type: image/png content-length: 748 cache-control: public, max-age=31536000, immutable cf-bgj: imgq:85,h2pri cf-polished: origSize=1110 content-security-policy-report-only: frame-ancestors 'self' .qualtrics.com .my.salesforce.com .visualforce.com .visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report permissions-policy: camera=(), geolocation=(), microphone=() referrer-policy: strict-origin-when-cross-origin static-digest: 9d6c0f82148c14dbcd5d160a26f1c17ff0680698 x-content-type-options: nosniff x-request-id: 066cc280-a973-40d8-b46b-8c769c512a2a x-transaction-id: e26fe54e-c050-4c9b-84ad-861a153f2cc6 last-modified: Wed, 19 Mar 2025 08:18:18 GMT cf-cache-status: HIT age: 2180006 accept-ranges: bytes vary: Accept-Encoding strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 9496602a6e091c16-OSL X-Firefox-Spdy: h2

	www.gstatic.com/images/branding/product/2x/translate_24dp.png	142.250.178.35	200 OK	1.8 kB
URL GET www.gstatic.com/images/branding/product/2x/translate_24dp.png IP 142.250.178.35:443 ASN #15169 GOOGLE Requested by https://padmv.gov-dfbm.cfd/pay/ Certificate IssuerGoogle Trust Services Subject.gstatic.com Fingerprint41:FF:72:9C:74:6F:D4:D1:3B:A8:03:EB:55:D2:D2:09:7E:7A:44:DC ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced Size 1.8 kB (1842 bytes) Hash c69c796362406f9e11c7f4bf5bb628da e489ce95ab56208090868882113d7416abf46775 4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82 HTTP Headers `GET /images/branding/product/2x/translate_24dp.png HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://padmv.gov-dfbm.cfd/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable" report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-length: 1842 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 28 May 2025 21:30:10 GMT expires: Thu, 28 May 2026 21:30:10 GMT cache-control: public, max-age=31536000 age: 393468 last-modified: Thu, 14 Oct 2021 09:08:00 GMT content-type: image/png vary: Origin alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/building_preview.gif	104.17.208.240	307 Temporary Redirect	12 kB
URL GET siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/building_preview.gif IP 104.17.208.240:443 ASN #13335 CLOUDFLARENET Requested by https://padmv.gov-dfbm.cfd/pay/ Certificate IssuerDigiCert Inc Subject.qualtrics.com Fingerprint14:C9:A1:C5:70:5D:82:3F:EF:20:E9:12:CD:26:D9:C7:F8:83:68:D6 ValidityThu, 23 Jan 2025 00:00:00 GMT - Fri, 02 Jan 2026 23:59:59 GMT File type Size 12 kB (12336 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /WRQualtricsShared/Graphics/siteintercept/building_preview.gif HTTP/1.1 Host: siteintercept.qualtrics.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://padmv.gov-dfbm.cfd/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 307 Temporary Redirect date: Mon, 02 Jun 2025 10:47:57 GMT content-type: text/html; charset=utf-8 cache-control: public, max-age=30 location: /static/q-siteintercept/~/img/building_preview.gif x-request-id: 54fffff7-046e-42c0-b26b-1e07e0cff4bd x-transaction-id: 2292c23a-dc1e-40ab-8310-c0532b197389 referrer-policy: strict-origin-when-cross-origin x-content-type-options: nosniff permissions-policy: camera=(), geolocation=(), microphone=() content-security-policy-report-only: frame-ancestors 'self' .qualtrics.com .my.salesforce.com .visualforce.com .visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report cf-cache-status: HIT age: 19 vary: Accept-Encoding strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 94966026892b1c16-OSL X-Firefox-Spdy: h2

	siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/remove_screen_capture.png	104.17.208.240	307 Temporary Redirect	748 B
URL GET siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/remove_screen_capture.png IP 104.17.208.240:443 ASN #13335 CLOUDFLARENET Requested by https://padmv.gov-dfbm.cfd/pay/ Certificate IssuerDigiCert Inc Subject.qualtrics.com Fingerprint14:C9:A1:C5:70:5D:82:3F:EF:20:E9:12:CD:26:D9:C7:F8:83:68:D6 ValidityThu, 23 Jan 2025 00:00:00 GMT - Fri, 02 Jan 2026 23:59:59 GMT File type Size 748 B (748 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /WRQualtricsShared/Graphics/siteintercept/remove_screen_capture.png HTTP/1.1 Host: siteintercept.qualtrics.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://padmv.gov-dfbm.cfd/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 307 Temporary Redirect date: Mon, 02 Jun 2025 10:47:57 GMT content-type: text/html; charset=utf-8 cache-control: public, max-age=30 location: /static/q-siteintercept/~/img/remove_screen_capture.png x-request-id: 3323172b-a011-460e-9d32-3828b073d400 x-transaction-id: cffe320d-08e4-4771-b32d-9874961f148d referrer-policy: strict-origin-when-cross-origin x-content-type-options: nosniff permissions-policy: camera=(), geolocation=(), microphone=() content-security-policy-report-only: frame-ancestors 'self' .qualtrics.com .my.salesforce.com .visualforce.com .visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report cf-cache-status: HIT age: 19 vary: Accept-Encoding strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 9496602689231c16-OSL X-Firefox-Spdy: h2

	siteintercept.qualtrics.com/static/q-siteintercept/1e7148085d17fcd23645f6c087cd44562b7c9707/img/building_preview.gif	104.17.208.240	301 Moved Permanently	12 kB
URL GET siteintercept.qualtrics.com/static/q-siteintercept/1e7148085d17fcd23645f6c087cd44562b7c9707/img/building_preview.gif IP 104.17.208.240:443 ASN #13335 CLOUDFLARENET Requested by https://padmv.gov-dfbm.cfd/pay/ Certificate IssuerDigiCert Inc Subject.qualtrics.com Fingerprint14:C9:A1:C5:70:5D:82:3F:EF:20:E9:12:CD:26:D9:C7:F8:83:68:D6 ValidityThu, 23 Jan 2025 00:00:00 GMT - Fri, 02 Jan 2026 23:59:59 GMT File type Size 12 kB (12336 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /static/q-siteintercept/1e7148085d17fcd23645f6c087cd44562b7c9707/img/building_preview.gif HTTP/1.1 Host: siteintercept.qualtrics.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://padmv.gov-dfbm.cfd/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 301 Moved Permanently date: Mon, 02 Jun 2025 10:47:57 GMT content-type: text/html; charset=utf-8 cache-control: public, max-age=31536000, immutable location: /static/q-siteintercept/.blob/32e475586af0d1b25cd32fac5a2c7d763deeb8ac_building_preview.gif x-request-id: 27621c5c-d059-4f68-b1f2-93aa73b25f8d x-transaction-id: a9e4e18c-74dd-44d4-a7ca-fdf3e57c3b4a referrer-policy: strict-origin-when-cross-origin x-content-type-options: nosniff permissions-policy: camera=(), geolocation=(), microphone=() content-security-policy-report-only: frame-ancestors 'self' .qualtrics.com .my.salesforce.com .visualforce.com .visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report cf-cache-status: HIT age: 910976 vary: Accept-Encoding strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 9496602a1da21c16-OSL X-Firefox-Spdy: h2

	siteintercept.qualtrics.com/static/q-siteintercept/.blob/32e475586af0d1b25cd32fac5a2c7d763deeb8ac_building_preview.gif	104.17.208.240	200 OK	12 kB
URL GET siteintercept.qualtrics.com/static/q-siteintercept/.blob/32e475586af0d1b25cd32fac5a2c7d763deeb8ac_building_preview.gif IP 104.17.208.240:443 ASN #13335 CLOUDFLARENET Requested by https://padmv.gov-dfbm.cfd/pay/ Certificate IssuerDigiCert Inc Subject.qualtrics.com Fingerprint14:C9:A1:C5:70:5D:82:3F:EF:20:E9:12:CD:26:D9:C7:F8:83:68:D6 ValidityThu, 23 Jan 2025 00:00:00 GMT - Fri, 02 Jan 2026 23:59:59 GMT File type GIF image data, version 89a, 113 x 108 Size 12 kB (12336 bytes) Hash 3c3ba37130de5fe15faf97c18908283e c15b49cb09745a9939315132e18f2e40fa2ccf22 9096646da2177d5db92f79352509450582a376913bb5387557c1efd28d0c377b HTTP Headers GET /static/q-siteintercept/.blob/32e475586af0d1b25cd32fac5a2c7d763deeb8ac_building_preview.gif HTTP/1.1 Host: siteintercept.qualtrics.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://padmv.gov-dfbm.cfd/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Mon, 02 Jun 2025 10:47:57 GMT content-type: image/gif content-length: 12336 cache-control: public, max-age=31536000, immutable cf-bgj: imgq:85,h2pri cf-polished: origSize=16980 content-security-policy-report-only: frame-ancestors 'self' .qualtrics.com .my.salesforce.com .visualforce.com .visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report permissions-policy: camera=(), geolocation=(), microphone=() referrer-policy: strict-origin-when-cross-origin static-digest: 32e475586af0d1b25cd32fac5a2c7d763deeb8ac x-content-type-options: nosniff x-request-id: 49b8232f-a6a9-4f8e-9c43-b3664759594f x-transaction-id: fd1f5894-7600-446f-af3c-f12de742e01d last-modified: Fri, 18 Apr 2025 19:39:13 GMT cf-cache-status: HIT age: 2268509 accept-ranges: bytes vary: Accept-Encoding strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 9496602a6e011c16-OSL X-Firefox-Spdy: h2

	padmv.gov-dfbm.cfd/pay/assets/C0Zfn5GX.css	49.51.75.162	200	952 kB
URL GET padmv.gov-dfbm.cfd/pay/assets/C0Zfn5GX.css IP 49.51.75.162:443 ASN #132203 Tencent Building, Kejizhongyi Avenue Requested by https://padmv.gov-dfbm.cfd/pay/ Certificate IssuerLet's Encrypt Subjectpadmv.gov-dfbm.cfd Fingerprint99:38:9A:30:34:44:D2:0C:A9:99:28:DB:9D:93:E7:5D:C8:DE:F6:6F ValiditySat, 31 May 2025 12:00:12 GMT - Fri, 29 Aug 2025 12:00:11 GMT File type Unicode text, UTF-8 text, with very long lines (36407), with CRLF, LF line terminators Size 952 kB (952154 bytes) Hash 7c6506058fc6ebd682f880a8ea1fe731 021ec0d61a08e93d69e5b1fe1256102234e375d0 5870a113805a7ace9688f95de3f672bf96315c75b8c87a603f5844d5799ea427 HTTP Headers `GET /pay/assets/C0Zfn5GX.css HTTP/1.1 Host: padmv.gov-dfbm.cfd User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://padmv.gov-dfbm.cfd/pay/ Sec-Fetch-Dest: style Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 Server: nginx/1.27.4 Date: Mon, 02 Jun 2025 10:47:55 GMT Content-Type: text/css Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding Strict-Transport-Security: max-age=31536000; includeSubDomains Content-Encoding: gzip`

	padmv.gov-dfbm.cfd/front/checkIp?token=123	49.51.75.162	200	226 B
URL GET padmv.gov-dfbm.cfd/front/checkIp?token=123 IP 49.51.75.162:443 ASN #132203 Tencent Building, Kejizhongyi Avenue Requested by https://padmv.gov-dfbm.cfd/pay/ Certificate IssuerLet's Encrypt Subjectpadmv.gov-dfbm.cfd Fingerprint99:38:9A:30:34:44:D2:0C:A9:99:28:DB:9D:93:E7:5D:C8:DE:F6:6F ValiditySat, 31 May 2025 12:00:12 GMT - Fri, 29 Aug 2025 12:00:11 GMT File type JSON text data Size 226 B (226 bytes) Hash d69d49cd576df2dc4352295a90bdf28c bd232b5ebef4e99bcb0183d13f81d7754d2a70b1 b1c2d20d963a18b30b5c0fe1160433a95f5f31b332a94f2c25b4ec33f58fdec6 HTTP Headers `GET /front/checkIp?token=123 HTTP/1.1 Host: padmv.gov-dfbm.cfd User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://padmv.gov-dfbm.cfd/pay/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 Server: nginx/1.27.4 Date: Mon, 02 Jun 2025 10:47:56 GMT Content-Type: text/plain;charset=UTF-8 Content-Length: 226 Connection: keep-alive Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers Strict-Transport-Security: max-age=31536000; includeSubDomains`

	siteintercept.qualtrics.com/static/q-siteintercept/~/img/remove_screen_capture.png	104.17.208.240	307 Temporary Redirect	748 B
URL GET siteintercept.qualtrics.com/static/q-siteintercept/~/img/remove_screen_capture.png IP 104.17.208.240:443 ASN #13335 CLOUDFLARENET Requested by https://padmv.gov-dfbm.cfd/pay/ Certificate IssuerDigiCert Inc Subject.qualtrics.com Fingerprint14:C9:A1:C5:70:5D:82:3F:EF:20:E9:12:CD:26:D9:C7:F8:83:68:D6 ValidityThu, 23 Jan 2025 00:00:00 GMT - Fri, 02 Jan 2026 23:59:59 GMT File type Size 748 B (748 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /static/q-siteintercept/~/img/remove_screen_capture.png HTTP/1.1 Host: siteintercept.qualtrics.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://padmv.gov-dfbm.cfd/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 307 Temporary Redirect date: Mon, 02 Jun 2025 10:47:57 GMT content-type: text/html; charset=utf-8 cache-control: public, max-age=30 location: /static/q-siteintercept/1e7148085d17fcd23645f6c087cd44562b7c9707/img/remove_screen_capture.png static-version: 1e7148085d17fcd23645f6c087cd44562b7c9707 x-request-id: 4fac3199-d4ef-4f3d-b807-e42224b2b3db x-transaction-id: 2ad2b22b-317f-4821-b2c4-ac597499552e referrer-policy: strict-origin-when-cross-origin x-content-type-options: nosniff permissions-policy: camera=(), geolocation=(), microphone=() content-security-policy-report-only: frame-ancestors 'self' .qualtrics.com .my.salesforce.com .visualforce.com .visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report cf-cache-status: HIT age: 19 vary: Accept-Encoding strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 94966029fd6a1c16-OSL X-Firefox-Spdy: h2

	siteintercept.qualtrics.com/static/q-siteintercept/~/img/building_preview.gif	104.17.208.240	307 Temporary Redirect	12 kB
URL GET siteintercept.qualtrics.com/static/q-siteintercept/~/img/building_preview.gif IP 104.17.208.240:443 ASN #13335 CLOUDFLARENET Requested by https://padmv.gov-dfbm.cfd/pay/ Certificate IssuerDigiCert Inc Subject.qualtrics.com Fingerprint14:C9:A1:C5:70:5D:82:3F:EF:20:E9:12:CD:26:D9:C7:F8:83:68:D6 ValidityThu, 23 Jan 2025 00:00:00 GMT - Fri, 02 Jan 2026 23:59:59 GMT File type Size 12 kB (12336 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /static/q-siteintercept/~/img/building_preview.gif HTTP/1.1 Host: siteintercept.qualtrics.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://padmv.gov-dfbm.cfd/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 307 Temporary Redirect date: Mon, 02 Jun 2025 10:47:57 GMT content-type: text/html; charset=utf-8 cache-control: public, max-age=30 location: /static/q-siteintercept/1e7148085d17fcd23645f6c087cd44562b7c9707/img/building_preview.gif static-version: 1e7148085d17fcd23645f6c087cd44562b7c9707 x-request-id: 9f18d906-be15-45bb-8f72-ffeff80c34d8 x-transaction-id: 642b5eab-0285-4ab2-9fe9-da85e7f2c468 referrer-policy: strict-origin-when-cross-origin x-content-type-options: nosniff permissions-policy: camera=(), geolocation=(), microphone=() content-security-policy-report-only: frame-ancestors 'self' .qualtrics.com .my.salesforce.com .visualforce.com .visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report cf-cache-status: HIT age: 19 vary: Accept-Encoding strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 94966029fd6f1c16-OSL X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (21)

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash