{"report_id":"fcbd3f38-1613-4db6-bdd9-8992f182577a","version":6,"status":"done","tags":[],"date":"2026-03-27T13:00:58Z","url":{"schema":"http","addr":"ca.gov-zat.cfd/dmv","fqdn":"ca.gov-zat.cfd","domain":"gov-zat.cfd","tld":"cfd"},"ip":{"addr":"43.165.68.78","port":0,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"final":{"url":{"schema":"https","addr":"ca.gov-zat.cfd/dmv/","fqdn":"ca.gov-zat.cfd","domain":"gov-zat.cfd","tld":"cfd"},"title":"Access Denied","dom":{"size":1772,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"9ba6c2ac5ad3975baf756ee22fcf6aab","sha1":"297e0efc4eee70301d959701849d8d0864f6c6bb","sha256":"784f40f146fa8b526d4bd64ac0d4b876c43610633a45f1f7f47a8f7efe553392","sha512":"3079a5dc1cc8baba867010dbcacf1dff38a6b5e7e5a93737c168c47b3fca41679f5e1d5f24f88c70b0589f61bc6ff42598636063884c79a09217e55c19598b35","ssdeep":"","tlshash":"62319b879ae704167843e4547fb2a7022a84d957c65adf723f8c73a8cf869d48c9374c","dom_hash":"domhashb0edbcced89fac88c05e85c0f23b2eda","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"ca.gov-zat.cfd/dmv","fqdn":"ca.gov-zat.cfd","domain":"gov-zat.cfd","tld":"cfd"},"ip":{"addr":"43.165.68.78","port":0,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-01T13:00:58Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-27","alert":"Phishing Block","trigger":"ca.gov-zat.cfd","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null},"summary":[{"fqdn":"ca.gov-zat.cfd","ip":{"addr":"43.165.68.78","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"domain_registered":"2026-03-25","domain_rank":0,"first_seen":"2026-03-27T13:00:58.373131Z","last_seen":"2026-03-27T13:00:58.373131Z","alert_count":3,"request_count":3,"received_data":4309,"sent_data":1412,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty:1.29.2.1","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"ca.gov-zat.cfd/dmv/","fqdn":"ca.gov-zat.cfd","domain":"gov-zat.cfd","tld":"cfd"},"ip":{"addr":"43.165.68.78","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-27T13:00:31.465Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ca.gov-zat.cfd","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 26 Mar 2026 11:40:28 GMT","end":"Wed, 24 Jun 2026 11:40:27 GMT"},"fingerprint":{"sha1":"24:BB:62:5C:A7:11:A7:51:25:A3:A7:BA:23:A6:6F:2A:EA:56:D1:60","sha256":"D6:EE:4A:98:B7:68:B2:4E:99:2D:4D:5F:69:40:06:96:DF:42:12:C1:4B:9B:0F:FF:D8:6C:8C:78:2A:AE:CE:83"}}},"request":{"raw":"GET /dmv/ HTTP/1.1\r\nHost: ca.gov-zat.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.29.2.1\r\ndate: Fri, 27 Mar 2026 13:00:32 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.29.2.1","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1789,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"337523425164c2807cb38bac51f509ef","sha1":"c3ed1454f7557f1f09b46d0b0f2ff41cd2928117","sha256":"dcfdd0ba5a881a0d9754766c6b44b53acbf5d42541376ee17ccef8272828dd95","sha512":"b2b9a1d297d0818721036e866aacfd3648b2e7aa5d7b6c71e235f6b5488df8f9497998a58993fe3c6e0ebe2796dc1acd29caae5fba1208aadecfd5f30d3cc629","ssdeep":"","tlshash":"4531ab875ae704023843e4547fb267022685da53c65adb623f8c73a8cf869848c9370c","first_seen":"2026-03-27T13:01:00.433625Z","last_seen":"2026-03-27T13:01:00.433625Z","times_seen":1,"resource_available":false,"data":null}},"time_used":923,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":923,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-27","alert":"Phishing Block","trigger":"ca.gov-zat.cfd","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ca.gov-zat.cfd/favicon.ico","fqdn":"ca.gov-zat.cfd","domain":"gov-zat.cfd","tld":"cfd"},"ip":{"addr":"43.165.68.78","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ca.gov-zat.cfd/dmv/","date":"2026-03-27T13:00:32.574Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ca.gov-zat.cfd","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 26 Mar 2026 11:40:28 GMT","end":"Wed, 24 Jun 2026 11:40:27 GMT"},"fingerprint":{"sha1":"24:BB:62:5C:A7:11:A7:51:25:A3:A7:BA:23:A6:6F:2A:EA:56:D1:60","sha256":"D6:EE:4A:98:B7:68:B2:4E:99:2D:4D:5F:69:40:06:96:DF:42:12:C1:4B:9B:0F:FF:D8:6C:8C:78:2A:AE:CE:83"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: ca.gov-zat.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ca.gov-zat.cfd/dmv/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: openresty/1.29.2.1\r\ndate: Fri, 27 Mar 2026 13:00:32 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"OpenResty:1.29.2.1","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":159,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"a6362fdf7b89ef682ac999be37962628","sha1":"f7b0aa3e1f989184042d276cff04f6cb8119fd9f","sha256":"da9f084f6ae275049c7ef113c1d67a63d0cd7cc23cabecc4fcb80bf93edd902e","sha512":"6b7b1fca60e7ace3cc3a8486c59fd7b0b369d6ead3e260946dced0819eb673d65ea9a225955c67dcaac3f9fd4d7ac9f424f065f5adc4c66060fe128548cba7bc","ssdeep":"","tlshash":"1dc02b2d64137c0c8663307676c370a0c1978337f57e41218440805730cf1998bc33ab","first_seen":"2026-02-28T20:19:07.990456Z","last_seen":"2026-06-02T13:45:38.764646Z","times_seen":386,"resource_available":true,"data":null}},"time_used":93,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":93,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-27","alert":"Phishing Block","trigger":"ca.gov-zat.cfd","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ca.gov-zat.cfd/dmv","fqdn":"ca.gov-zat.cfd","domain":"gov-zat.cfd","tld":"cfd"},"ip":{"addr":"43.165.68.78","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-27T13:00:31.031Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ca.gov-zat.cfd","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 26 Mar 2026 11:40:28 GMT","end":"Wed, 24 Jun 2026 11:40:27 GMT"},"fingerprint":{"sha1":"24:BB:62:5C:A7:11:A7:51:25:A3:A7:BA:23:A6:6F:2A:EA:56:D1:60","sha256":"D6:EE:4A:98:B7:68:B2:4E:99:2D:4D:5F:69:40:06:96:DF:42:12:C1:4B:9B:0F:FF:D8:6C:8C:78:2A:AE:CE:83"}}},"request":{"raw":"GET /dmv HTTP/1.1\r\nHost: ca.gov-zat.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\nserver: openresty/1.29.2.1\r\ndate: Fri, 27 Mar 2026 13:00:31 GMT\r\ncontent-type: text/html\r\ncontent-length: 175\r\nlocation: https://ca.gov-zat.cfd/dmv/\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"OpenResty:1.29.2.1","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1789,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T17:34:24.203013Z","times_seen":16217467,"resource_available":true,"data":null}},"time_used":763,"timings":{"blocked":334,"dns":132,"connect":95,"send":0,"wait":95,"receive":0,"ssl":104},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-27","alert":"Phishing Block","trigger":"ca.gov-zat.cfd","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}}]}