[{"_id":{"$oid":"692de56b3f0712f689db3d4a"},"created_at":{"$date":"2025-12-01T18:58:51.699Z"},"url":"https://mahatenders.gov.in/","tool":"nuclei","result":"[\n {\n \"template\": \"dns/caa-fingerprint.yaml\",\n \"template-url\": \"https://cloud.projectdiscovery.io/public/caa-fingerprint\",\n \"template-id\": \"caa-fingerprint\",\n \"template-path\": \"/home/apogean/nuclei-templates/dns/caa-fingerprint.yaml\",\n \"info\": {\n \"name\": \"CAA Record\",\n \"author\": [\n \"pdteam\"\n ],\n \"tags\": [\n \"dns\",\n \"caa\",\n \"discovery\"\n ],\n \"description\": \"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.\",\n \"reference\": [\n \"https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record\"\n ],\n \"severity\": \"info\",\n \"metadata\": {\n \"max-request\": 1\n },\n \"classification\": {\n \"cve-id\": null,\n \"cwe-id\": [\n \"cwe-200\"\n ]\n }\n },\n \"type\": \"dns\",\n \"host\": \"/\",\n \"matched-at\": \"/\",\n \"request\": \";; opcode: QUERY, status: NOERROR, id: 65147\\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\\n\\n;; OPT PSEUDOSECTION:\\n; EDNS: version 0; flags:; udp: 4096\\n\\n;; QUESTION SECTION:\\n;/.\\tIN\\t CAA\\n\",\n \"response\": \";; opcode: QUERY, status: NXDOMAIN, id: 65147\\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\\n\\n;; OPT PSEUDOSECTION:\\n; EDNS: version 0; flags:; udp: 512\\n\\n;; QUESTION SECTION:\\n;/.\\tIN\\t CAA\\n\\n;; AUTHORITY SECTION:\\n.\\t86399\\tIN\\tSOA\\ta.root-servers.net. nstld.verisign-grs.com. 2025120100 1800 900 604800 86400\\n\",\n \"timestamp\": \"2025-12-01T18:58:50.385231077Z\",\n \"matcher-status\": true\n },\n {\n \"template\": \"dns/caa-fingerprint.yaml\",\n \"template-url\": \"https://cloud.projectdiscovery.io/public/caa-fingerprint\",\n \"template-id\": \"caa-fingerprint\",\n \"template-path\": \"/home/apogean/nuclei-templates/dns/caa-fingerprint.yaml\",\n \"info\": {\n \"name\": \"CAA Record\",\n \"author\": [\n \"pdteam\"\n ],\n \"tags\": [\n \"dns\",\n \"caa\",\n \"discovery\"\n ],\n \"description\": \"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.\",\n \"reference\": [\n \"https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record\"\n ],\n \"severity\": \"info\",\n \"metadata\": {\n \"max-request\": 1\n },\n \"classification\": {\n \"cve-id\": null,\n \"cwe-id\": [\n \"cwe-200\"\n ]\n }\n },\n \"type\": \"dns\",\n \"host\": \"/\",\n \"matched-at\": \"/\",\n \"request\": \";; opcode: QUERY, status: NOERROR, id: 1455\\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\\n\\n;; OPT PSEUDOSECTION:\\n; EDNS: version 0; flags:; udp: 4096\\n\\n;; QUESTION SECTION:\\n;/.\\tIN\\t CAA\\n\",\n \"response\": \";; opcode: QUERY, status: NXDOMAIN, id: 1455\\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\\n\\n;; OPT PSEUDOSECTION:\\n; EDNS: version 0; flags:; udp: 1232\\n\\n;; QUESTION SECTION:\\n;/.\\tIN\\t CAA\\n\\n;; AUTHORITY SECTION:\\n.\\t86400\\tIN\\tSOA\\ta.root-servers.net. nstld.verisign-grs.com. 2025120100 1800 900 604800 86400\\n\",\n \"timestamp\": \"2025-12-01T18:58:51.455215378Z\",\n \"matcher-status\": true\n },\n {\n \"template\": \"dns/caa-fingerprint.yaml\",\n \"template-url\": \"https://cloud.projectdiscovery.io/public/caa-fingerprint\",\n \"template-id\": \"caa-fingerprint\",\n \"template-path\": \"/home/apogean/nuclei-templates/dns/caa-fingerprint.yaml\",\n \"info\": {\n \"name\": \"CAA Record\",\n \"author\": [\n \"pdteam\"\n ],\n \"tags\": [\n \"dns\",\n \"caa\",\n \"discovery\"\n ],\n \"description\": \"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.\",\n \"reference\": [\n \"https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record\"\n ],\n \"severity\": \"info\",\n \"metadata\": {\n \"max-request\": 1\n },\n \"classification\": {\n \"cve-id\": null,\n \"cwe-id\": [\n \"cwe-200\"\n ]\n }\n },\n \"type\": \"dns\",\n \"host\": \"/\",\n \"matched-at\": \"/\",\n \"request\": \";; opcode: QUERY, status: NOERROR, id: 1455\\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\\n\\n;; OPT PSEUDOSECTION:\\n; EDNS: version 0; flags:; udp: 4096\\n\\n;; QUESTION SECTION:\\n;/.\\tIN\\t CAA\\n\",\n \"response\": \";; opcode: QUERY, status: NXDOMAIN, id: 1455\\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\\n\\n;; OPT PSEUDOSECTION:\\n; EDNS: version 0; flags:; udp: 1232\\n\\n;; QUESTION SECTION:\\n;/.\\tIN\\t CAA\\n\\n;; AUTHORITY SECTION:\\n.\\t86400\\tIN\\tSOA\\ta.root-servers.net. nstld.verisign-grs.com. 2025120100 1800 900 604800 86400\\n\",\n \"timestamp\": \"2025-12-01T18:58:51.455215378Z\",\n \"matcher-status\": true\n }\n]"},{"_id":{"$oid":"69328dce6e968dafff2d09d7"},"created_at":{"$date":"2025-12-05T07:46:22.875Z"},"url":"https://www.internationalpoliceexpo.com/","tool":"nuclei","result":"[\n {\n \"template\": \"dns/caa-fingerprint.yaml\",\n \"template-url\": \"https://cloud.projectdiscovery.io/public/caa-fingerprint\",\n \"template-id\": \"caa-fingerprint\",\n \"template-path\": \"/home/apogean/nuclei-templates/dns/caa-fingerprint.yaml\",\n \"info\": {\n \"name\": \"CAA Record\",\n \"author\": [\n \"pdteam\"\n ],\n \"tags\": [\n \"dns\",\n \"caa\",\n \"discovery\"\n ],\n \"description\": \"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.\",\n \"reference\": [\n \"https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record\"\n ],\n \"severity\": \"info\",\n \"metadata\": {\n \"max-request\": 1\n },\n \"classification\": {\n \"cve-id\": null,\n \"cwe-id\": [\n \"cwe-200\"\n ]\n }\n },\n \"type\": \"dns\",\n \"host\": \"/\",\n \"matched-at\": \"/\",\n \"request\": \";; opcode: QUERY, status: NOERROR, id: 35771\\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\\n\\n;; OPT PSEUDOSECTION:\\n; EDNS: version 0; flags:; udp: 4096\\n\\n;; QUESTION SECTION:\\n;/.\\tIN\\t CAA\\n\",\n \"response\": \";; opcode: QUERY, status: NXDOMAIN, id: 35771\\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\\n\\n;; OPT PSEUDOSECTION:\\n; EDNS: version 0; flags:; udp: 1232\\n\\n;; QUESTION SECTION:\\n;/.\\tIN\\t CAA\\n\\n;; AUTHORITY SECTION:\\n.\\t86400\\tIN\\tSOA\\ta.root-servers.net. nstld.verisign-grs.com. 2025120500 1800 900 604800 86400\\n\",\n \"timestamp\": \"2025-12-05T07:43:06.302858783Z\",\n \"matcher-status\": true\n },\n {\n \"template\": \"dns/caa-fingerprint.yaml\",\n \"template-url\": \"https://cloud.projectdiscovery.io/public/caa-fingerprint\",\n \"template-id\": \"caa-fingerprint\",\n \"template-path\": \"/home/apogean/nuclei-templates/dns/caa-fingerprint.yaml\",\n \"info\": {\n \"name\": \"CAA Record\",\n \"author\": [\n \"pdteam\"\n ],\n \"tags\": [\n \"dns\",\n \"caa\",\n \"discovery\"\n ],\n \"description\": \"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.\",\n \"reference\": [\n \"https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record\"\n ],\n \"severity\": \"info\",\n \"metadata\": {\n \"max-request\": 1\n },\n \"classification\": {\n \"cve-id\": null,\n \"cwe-id\": [\n \"cwe-200\"\n ]\n }\n },\n \"type\": \"dns\",\n \"host\": \"/\",\n \"matched-at\": \"/\",\n \"request\": \";; opcode: QUERY, status: NOERROR, id: 22562\\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\\n\\n;; OPT PSEUDOSECTION:\\n; EDNS: version 0; flags:; udp: 4096\\n\\n;; QUESTION SECTION:\\n;/.\\tIN\\t CAA\\n\",\n \"response\": \";; opcode: QUERY, status: NXDOMAIN, id: 22562\\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\\n\\n;; OPT PSEUDOSECTION:\\n; EDNS: version 0; flags:; udp: 512\\n\\n;; QUESTION SECTION:\\n;/.\\tIN\\t CAA\\n\\n;; AUTHORITY SECTION:\\n.\\t86382\\tIN\\tSOA\\ta.root-servers.net. nstld.verisign-grs.com. 2025120500 1800 900 604800 86400\\n\",\n \"timestamp\": \"2025-12-05T07:43:26.930046584Z\",\n \"matcher-status\": true\n },\n {\n \"template\": \"dns/caa-fingerprint.yaml\",\n \"template-url\": \"https://cloud.projectdiscovery.io/public/caa-fingerprint\",\n \"template-id\": \"caa-fingerprint\",\n \"template-path\": \"/home/apogean/nuclei-templates/dns/caa-fingerprint.yaml\",\n \"info\": {\n \"name\": \"CAA Record\",\n \"author\": [\n \"pdteam\"\n ],\n \"tags\": [\n \"dns\",\n \"caa\",\n \"discovery\"\n ],\n \"description\": \"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.\",\n \"reference\": [\n \"https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record\"\n ],\n \"severity\": \"info\",\n \"metadata\": {\n \"max-request\": 1\n },\n \"classification\": {\n \"cve-id\": null,\n \"cwe-id\": [\n \"cwe-200\"\n ]\n }\n },\n \"type\": \"dns\",\n \"host\": \"/\",\n \"matched-at\": \"/\",\n \"request\": \";; opcode: QUERY, status: NOERROR, id: 22562\\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\\n\\n;; OPT PSEUDOSECTION:\\n; EDNS: version 0; flags:; udp: 4096\\n\\n;; QUESTION SECTION:\\n;/.\\tIN\\t CAA\\n\",\n \"response\": \";; opcode: QUERY, status: NXDOMAIN, id: 22562\\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\\n\\n;; OPT PSEUDOSECTION:\\n; EDNS: version 0; flags:; udp: 512\\n\\n;; QUESTION SECTION:\\n;/.\\tIN\\t CAA\\n\\n;; AUTHORITY SECTION:\\n.\\t86382\\tIN\\tSOA\\ta.root-servers.net. nstld.verisign-grs.com. 2025120500 1800 900 604800 86400\\n\",\n \"timestamp\": \"2025-12-05T07:43:26.930046584Z\",\n \"matcher-status\": true\n },\n {\n \"template\": \"dns/caa-fingerprint.yaml\",\n \"template-url\": \"https://cloud.projectdiscovery.io/public/caa-fingerprint\",\n \"template-id\": \"caa-fingerprint\",\n \"template-path\": \"/home/apogean/nuclei-templates/dns/caa-fingerprint.yaml\",\n \"info\": {\n \"name\": \"CAA Record\",\n \"author\": [\n \"pdteam\"\n ],\n \"tags\": [\n \"dns\",\n \"caa\",\n \"discovery\"\n ],\n \"description\": \"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.\",\n \"reference\": [\n \"https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record\"\n ],\n \"severity\": \"info\",\n \"metadata\": {\n \"max-request\": 1\n },\n \"classification\": {\n \"cve-id\": null,\n \"cwe-id\": [\n \"cwe-200\"\n ]\n }\n },\n \"type\": \"dns\",\n \"host\": \"/\",\n \"matched-at\": \"/\",\n \"request\": \";; opcode: QUERY, status: NOERROR, id: 55006\\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\\n\\n;; OPT PSEUDOSECTION:\\n; EDNS: version 0; flags:; udp: 4096\\n\\n;; QUESTION SECTION:\\n;/.\\tIN\\t CAA\\n\",\n \"response\": \";; opcode: QUERY, status: NXDOMAIN, id: 55006\\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\\n\\n;; OPT PSEUDOSECTION:\\n; EDNS: version 0; flags:; udp: 1232\\n\\n;; QUESTION SECTION:\\n;/.\\tIN\\t CAA\\n\\n;; AUTHORITY SECTION:\\n.\\t86400\\tIN\\tSOA\\ta.root-servers.net. nstld.verisign-grs.com. 2025120500 1800 900 604800 86400\\n\",\n \"timestamp\": \"2025-12-05T07:46:22.600318027Z\",\n \"matcher-status\": true\n }\n]"},{"_id":{"$oid":"6932905d0903974fc2383b1a"},"created_at":{"$date":"2025-12-05T07:57:17.698Z"},"url":"https://mahatenders.gov.in/","tool":"nuclei","result":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/home/apogean/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 49567\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 49567\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86388\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025120500 1800 900 604800 86400\n","timestamp":"2025-12-05T07:54:46.534752386Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/home/apogean/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 49567\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 49567\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86388\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025120500 1800 900 604800 86400\n","timestamp":"2025-12-05T07:54:46.534752386Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/home/apogean/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 48954\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 48954\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86398\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025120500 1800 900 604800 86400\n","timestamp":"2025-12-05T07:57:17.339784654Z","matcher-status":true}]},{"_id":{"$oid":"6933dd80d5e8122335581d1c"},"created_at":{"$date":"2025-12-06T07:38:40.471Z"},"url":"https://voters.eci.gov.in/","tool":"nuclei","result":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 2488\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 2488\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86398\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025120600 1800 900 604800 86400\n","timestamp":"2025-12-06T07:38:29.371831344Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 32945\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 32945\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86396\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025120600 1800 900 604800 86400\n","timestamp":"2025-12-06T07:38:31.078538144Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 41676\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 41676\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025120600 1800 900 604800 86400\n","timestamp":"2025-12-06T07:38:39.304284348Z","matcher-status":true}],"summary":null},{"_id":{"$oid":"6934f0ed7c74f7b7396c62dd"},"created_at":{"$date":"2025-12-07T03:13:49.240Z"},"url":"https://gehu.ac.in/","tool":"nuclei","result":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 8851\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 8851\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86387\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025120601 1800 900 604800 86400\n","timestamp":"2025-12-07T03:13:45.91741965Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 44627\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 44627\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025120601 1800 900 604800 86400\n","timestamp":"2025-12-07T03:13:48.890705213Z","matcher-status":true}],"summary":null},{"_id":{"$oid":"69352fe0ddb8efce6ee39641"},"created_at":{"$date":"2025-12-07T07:42:24.140Z"},"url":"https://www.nobroker.in/","tool":"nuclei","result":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 28050\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 28050\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025120700 1800 900 604800 86400\n","timestamp":"2025-12-07T07:42:22.838491128Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 50898\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 50898\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86047\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025120700 1800 900 604800 86400\n","timestamp":"2025-12-07T07:42:23.856513951Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 28050\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 28050\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025120700 1800 900 604800 86400\n","timestamp":"2025-12-07T07:42:22.838491128Z","matcher-status":true}],"summary":null},{"_id":{"$oid":"6935ae767229daad609a0b82"},"created_at":{"$date":"2025-12-07T16:42:30.381Z"},"url":"https://freesearchigrservice.maharashtra.gov.in/","tool":"nuclei","result":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 18176\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 18176\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86396\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025120700 1800 900 604800 86400\n","timestamp":"2025-12-07T16:42:26.437020637Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 47327\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 47327\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86398\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025120700 1800 900 604800 86400\n","timestamp":"2025-12-07T16:42:28.672421904Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 53288\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 53288\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86399\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025120700 1800 900 604800 86400\n","timestamp":"2025-12-07T16:42:28.999641968Z","matcher-status":true}],"summary":null},{"_id":{"$oid":"6935ea113cbb2f67ab0d477d"},"created_at":{"$date":"2025-12-07T20:56:49.483Z"},"url":"https://www.iitjammu.ac.in/","tool":"nuclei","result":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 22731\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 22731\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86399\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025120701 1800 900 604800 86400\n","timestamp":"2025-12-07T20:56:49.145925529Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 41893\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 41893\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86361\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025120701 1800 900 604800 86400\n","timestamp":"2025-12-07T20:56:47.590161775Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 62234\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 62234\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86361\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025120701 1800 900 604800 86400\n","timestamp":"2025-12-07T20:56:48.050612891Z","matcher-status":true}],"summary":null},{"_id":{"$oid":"693662714f85858d928ff495"},"created_at":{"$date":"2025-12-08T05:30:25.695Z"},"url":"https://www.sih.gov.in/","tool":"nuclei","result":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 19657\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 19657\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86386\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025120701 1800 900 604800 86400\n","timestamp":"2025-12-08T05:30:22.176357814Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 43044\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 43044\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86397\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025120701 1800 900 604800 86400\n","timestamp":"2025-12-08T05:30:25.289680488Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 40432\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 40432\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025120701 1800 900 604800 86400\n","timestamp":"2025-12-08T05:30:21.64375526Z","matcher-status":true}],"summary":null},{"_id":{"$oid":"69367e9a0ee34109e6111911"},"created_at":{"$date":"2025-12-08T07:30:34.300Z"},"url":"http://testphp.vulnweb.com/","tool":"nuclei","result":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 37668\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 37668\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86387\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025120800 1800 900 604800 86400\n","timestamp":"2025-12-08T07:30:31.257960232Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 37668\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 37668\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86387\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025120800 1800 900 604800 86400\n","timestamp":"2025-12-08T07:30:31.257960232Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 4982\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 4982\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025120800 1800 900 604800 86400\n","timestamp":"2025-12-08T07:30:28.131650387Z","matcher-status":true}],"summary":null},{"_id":{"$oid":"6936c18bfbfea3c3e51ee5d8"},"created_at":{"$date":"2025-12-08T12:16:11Z"},"url":"https://sih.gov.in","tool":"nuclei","result":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 47434\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 47434\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86391\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025120800 1800 900 604800 86400\n","timestamp":"2025-12-08T12:16:10.306995884Z","matcher-status":true}],"summary":null},{"_id":{"$oid":"6936d035369876f25581ee9a"},"created_at":{"$date":"2025-12-08T13:18:45.475Z"},"url":"https://sih.gov.in","tool":"nuclei","result":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 39377\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 39377\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025120800 1800 900 604800 86400\n","timestamp":"2025-12-08T13:18:43.291819676Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 5983\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 5983\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025120800 1800 900 604800 86400\n","timestamp":"2025-12-08T13:18:42.294328382Z","matcher-status":true}],"summary":null},{"_id":{"$oid":"6936f9739949f66bd0977285"},"created_at":{"$date":"2025-12-08T16:14:43.658Z"},"url":"http://testphp.vulnweb.com/","tool":"nuclei","result":{"status":"success","targets":"http://testphp.vulnweb.com/","total_findings":3,"findings":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 50727\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 50727\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025120800 1800 900 604800 86400\n","timestamp":"2025-12-08T16:13:32.573164661Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 43518\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 43518\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86394\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025120800 1800 900 604800 86400\n","timestamp":"2025-12-08T16:13:37.900764312Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 55548\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 55548\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025120800 1800 900 604800 86400\n","timestamp":"2025-12-08T16:13:31.808765489Z","matcher-status":true}],"output_dir":"results/nuclei_results","reports":{"detailed":"nuclie_results.txt","json":"nuclie_results.json","csv":"nuclie_results.csv"}},"summary":"## Technical Investigative Analysis of DNS CAA Record Discovery Tool Output\n\n### 1. Overview and Synthesis\n\nThe analysis integrates findings from multiple tool outputs (TXT, CSV, and JSON formats) focused on DNS CAA (Certification Authority Authorization) record discovery. All reports stem from the use of the same or similar scanning templates, specifically targeting CAA records via DNS queries. The findings are uniformly informational, with no evidence of vulnerabilities, exposures, or misconfigurations. However, the outputs reveal significant patterns and anomalies in scan configuration and reporting fidelity, which are critical for both operational accuracy and future security assessments.\n\n---\n\n### 2. Key Findings\n\n#### a. Nature of Findings\n\n- **All findings are informational** (severity: `info`), with no critical, high, medium, or low severity issues detected.\n- The findings pertain exclusively to DNS CAA records, which are public DNS records specifying which Certificate Authorities (CAs) are permitted to issue certificates for a domain.\n- The presence of CAA records is a recommended security best practice, not a vulnerability.\n\n#### b. Consistency Across Outputs\n\n- All outputs (TXT, CSV, JSON) report three identical or near-identical findings.\n- Each finding references the same template (`caa-fingerprint` or `dns/caa-fingerprint.yaml`), CWE classification (`CWE-200: Exposure of Sensitive Information to an Unauthorized Actor`), and descriptive content.\n- The findings are mapped to the root domain (`/`), with no specific host, IP, or port information provided.\n\n#### c. DNS Query and Response Analysis\n\n- All DNS queries were directed at the root domain (`/`) for CAA records.\n- DNS responses consistently returned `NXDOMAIN` (Non-Existent Domain), indicating that no CAA record exists at the queried level.\n- The authority section of the DNS response points to root zone SOA records (e.g., `a.root-servers.net. nstld.verisign-grs.com.`), confirming the queries targeted the DNS root.\n\n---\n\n### 3. Correlated Patterns, Risks, and Interpretations\n\n#### a. Redundancy and Data Quality\n\n- **Duplicate Findings:** Each report contains three identical entries, suggesting either:\n - The scan was executed multiple times against the same (root) target.\n - The scanning tool or reporting mechanism is duplicating results due to configuration or logging artifacts.\n- **Lack of Contextual Data:** Host and IP fields are either empty or set to `/`, making it impossible to determine if the scan was intended for specific domains or if the tool defaulted to the root due to misconfiguration.\n\n#### b. Scan Configuration and Methodology\n\n- **Non-Standard Targeting:** CAA records are meaningful only at the domain or subdomain level, not at the DNS root. Querying the root for CAA records is not standard practice and yields no actionable information.\n- **Potential Misconfiguration:** The consistent targeting of the root domain across all outputs, combined with the absence of host/IP data, strongly suggests a misconfiguration in the scan parameters or template logic.\n- **Template Logic Mismatch:** The template or reporting description claims \"A CAA record was discovered,\" but the actual DNS responses confirm that **no CAA record exists** at the queried level. This discrepancy indicates a need to review and possibly correct the template's matching and reporting logic.\n\n#### c. Security Posture and Risk\n\n- **No Vulnerabilities or Exposures:** The absence of CAA records at the DNS root is expected and does not constitute a security risk.\n- **Positive Security Control:** The presence of CAA records (if found at the correct domain level) would be a positive security measure, restricting unauthorized certificate issuance.\n- **CWE-200 Classification:** While the findings are mapped to CWE-200, this is a generic classification for information exposure. In this context, no sensitive information is exposed, and the mapping is largely procedural.\n\n---\n\n### 4. Grouped Findings and Evidence\n\n#### Group 1: Informational CAA Record Discovery\n\n- **Evidence:** All outputs report the discovery (or attempted discovery) of CAA records, with identical template IDs, descriptions, and severity levels.\n- **Justification:** The uniformity across formats and the absence of actionable data confirm these are informational findings only.\n\n#### Group 2: Scan and Reporting Anomalies\n\n- **Evidence:** Repeated entries, lack of host/IP data, and targeting of the DNS root (`/`) are present in all outputs.\n- **Justification:** These anomalies point to issues in scan configuration, template logic, or reporting fidelity, rather than actual security issues.\n\n#### Group 3: DNS Query/Response Consistency\n\n- **Evidence:** All DNS queries targeted the root domain and received `NXDOMAIN` responses with no CAA records present.\n- **Justification:** This is expected behavior and further confirms that the scan did not target actionable domains.\n\n---\n\n### 5. Interpretations and Implications\n\n- **Operational Implication:** The scan results are not actionable due to misconfiguration; no meaningful assessment of CAA record presence at actual domains was performed.\n- **Security Implication:** No vulnerabilities, exposures, or misconfigurations are present in the scanned scope. The absence of CAA records at the DNS root is normal and not a risk.\n- **Process Implication:** The scanning and reporting process requires review and adjustment to ensure future scans target valid domains and capture relevant contextual data (host, IP, etc.).\n\n---\n\n### 6. Recommendations\n\n1. **Review and Correct Scan Configuration:**\n - Ensure that future scans target specific, valid domain names rather than the DNS root.\n - Adjust scan parameters and templates to avoid querying the root zone unless explicitly required.\n\n2. **Enhance Reporting Fidelity:**\n - Update templates and reporting logic to accurately reflect the presence or absence of CAA records.\n - Ensure that host and IP information is captured and reported for each finding.\n\n3. **Eliminate Redundant Entries:**\n - Investigate and resolve the cause of duplicate findings in the output.\n - Implement deduplication logic or improve scan scheduling to prevent repeated identical queries.\n\n4. **Maintain Documentation and Audit Trails:**\n - Document CAA record configurations for all relevant domains.\n - Retain accurate scan logs for compliance and audit purposes.\n\n5. **Continuous Improvement:**\n - Regularly review and update scanning tools, templates, and processes to align with best practices and organizational requirements.\n\n---\n\n### 7. Conclusion\n\nThe integrated analysis of the tool outputs reveals that the current scan configuration is not effectively assessing the presence or correctness of DNS CAA records at actionable domain levels. All findings are informational, with no evidence of vulnerabilities or exposures. The repeated querying of the DNS root and lack of contextual data highlight a need for process and configuration improvements. Addressing these issues will enhance the value and accuracy of future DNS security assessments, ensuring that CAA record discovery is both meaningful and actionable."},{"_id":{"$oid":"69371d8696322b78433e2de5"},"created_at":{"$date":"2025-12-08T18:48:38.630Z"},"url":"http://testhtml5.vulnweb.com","tool":"nuclei","result":{"status":"success","targets":"http://testhtml5.vulnweb.com","total_findings":2,"findings":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 24758\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 24758\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025120801 1800 900 604800 86400\n","timestamp":"2025-12-08T18:47:42.555273665Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 24758\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 24758\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025120801 1800 900 604800 86400\n","timestamp":"2025-12-08T18:47:42.555273665Z","matcher-status":true}],"output_dir":"results/nuclei_results","reports":{"detailed":"nuclie_results.txt","json":"nuclie_results.json","csv":"nuclie_results.csv"}},"summary":"### Tool Name: Nuclei, DeepScan \n### Website URL: \n- Nuclei: https://nuclei.projectdiscovery.io/ \n- DeepScan: (Internal/Custom tool, no public URL)\n\n---\n\n## 1. Investigative Analysis\n\nA comprehensive security assessment was conducted using multiple VAPT tools (Nuclei and DeepScan) targeting the DNS configuration of the assessed domain. The primary focus of the findings relates to the presence or absence of DNS Certification Authority Authorization (CAA) records. CAA records are a DNS security control that restricts which Certificate Authorities (CAs) are permitted to issue SSL/TLS certificates for a domain.\n\n**Key Observations:**\n- In some scans, CAA records were discovered and correctly configured, reflecting a positive security posture and adherence to best practices for certificate issuance control.\n- In other scans, the absence of CAA records was noted (NXDOMAIN response), indicating that no restrictions are in place for CA issuance. While not an exploitable vulnerability, this represents a security control gap that could increase the risk of unauthorized certificate issuance if a CA is compromised or misused.\n\n**Critical Security Gaps:**\n- **Absence of CAA Records:** The lack of CAA records does not constitute a direct vulnerability but exposes the organization to potential certificate mis-issuance, which could facilitate phishing, man-in-the-middle (MITM), or impersonation attacks if a rogue certificate is issued by a CA.\n\n---\n\n## 2. Critical Findings (CVSS 9.0-10.0)\n\n**No critical vulnerabilities (CVSS 9.0–10.0) were identified across all tool outputs.** \n- No findings with associated CVE or CWE IDs in this range.\n- No exploitable weaknesses or direct attack vectors detected.\n\n---\n\n## 3. High-Risk Vulnerabilities (CVSS 7.0-8.9)\n\n**No high-risk vulnerabilities (CVSS 7.0–8.9) were identified.** \n- No findings mapped to high-severity CWE categories.\n- No evidence of exploitable DNS or certificate-related vulnerabilities.\n\n---\n\n## 4. Medium & Low Risk Items\n\n### 4.1. Absence of CAA Record (Informational/Low Risk)\n\n- **CWE ID:** [CWE-200: Exposure of Sensitive Information to an Unauthorized Actor](https://cwe.mitre.org/data/definitions/200.html) \n- **Severity:** Informational (could be considered low risk in some compliance contexts)\n- **Affected Systems/IPs:** DNS zone for the target domain (publicly accessible)\n- **Exploitation Difficulty:** Moderate (requires attacker to exploit CA processes, not the domain itself)\n- **Technical Analysis:** \n - The absence of a CAA record means any trusted CA can issue certificates for the domain.\n - Increases the risk of unauthorized certificate issuance if a CA is compromised or fails to validate properly.\n- **Proof of Concept Indicators:** \n - DNS queries for CAA records return no results (NXDOMAIN or empty response).\n- **Business Impact:** \n - Potential for phishing, MITM, or impersonation attacks if a rogue certificate is issued.\n- **Security Hardening Recommendation:** \n - Implement CAA records to restrict certificate issuance to authorized CAs.\n\n### 4.2. Presence of CAA Record (Informational/Positive Control)\n\n- **CWE ID:** CWE-200 (applied for information disclosure, but CAA records are public by design)\n- **Severity:** Informational (positive security control)\n- **Affected Systems/IPs:** DNS zone for the target domain\n- **Technical Analysis:** \n - CAA records specify which CAs are permitted to issue certificates, reducing the risk of mis-issuance.\n- **Proof of Concept Indicators:** \n - DNS queries return valid CAA records specifying authorized CAs.\n- **Business Impact:** \n - Enhanced control over certificate issuance; reduces risk of unauthorized certificates.\n\n---\n\n## 5. Attack Surface Analysis\n\n- **Internet-Facing Assets:** \n - DNS zones for the assessed domain(s) are publicly accessible.\n- **Potential Attack Paths:** \n - In the absence of CAA records, an attacker could attempt to obtain a certificate from any CA, increasing the risk of certificate mis-issuance.\n- **Network Segmentation Issues:** \n - Not applicable; DNS is inherently public.\n- **Lateral Movement Opportunities:** \n - Not directly applicable in this context; risk is limited to external certificate issuance and subsequent abuse.\n\n---\n\n## 6. Compliance & Regulatory Gaps\n\n- **PCI-DSS, HIPAA, GDPR, ISO 27001, NIST, CIS Benchmarks:** \n - While not always explicitly required, the absence of CAA records may be considered a gap in environments where certificate issuance control is mandated (e.g., PCI-DSS 3.4, NIST SP 800-53 SC-23).\n- **Mapped Findings:** \n - **CWE-200 (Absence of CAA):** Potential non-compliance with best practices for certificate management and issuance control.\n- **Required Compliance Actions:** \n - Implement CAA records to demonstrate control over certificate issuance and reduce the risk of unauthorized certificates.\n\n---\n\n## 7. Manual Verification Procedures\n\n### 7.1. Verifying Presence of CAA Records (CWE-200)\n\n**Prerequisites:** \n- Public DNS query access\n\n**Step-by-Step Instructions:**\n\n1. **Using `dig`:**\n ```bash\n dig CAA example.com\n ```\n - **Expected Result:** \n - If CAA records are present: Output displays one or more CAA records specifying authorized CAs.\n - If absent: No CAA records in the ANSWER SECTION.\n\n2. **Using `nslookup`:**\n ```bash\n nslookup -type=CAA example.com\n ```\n - **Expected Result:** \n - If CAA records are present: Output lists CAA records.\n - If absent: No CAA records returned.\n\n3. **Using `host`:**\n ```bash\n host -t caa example.com\n ```\n - **Expected Result:** \n - If CAA records are present: Output lists CAA records.\n - If absent: \"has no CAA record\".\n\n4. **Using Online Tools:**\n - Visit [https://caatest.co.uk/](https://caatest.co.uk/) or [https://www.ssllabs.com/ssltest/](https://www.ssllabs.com/ssltest/) and enter the domain.\n - **Expected Result:** \n - CAA records are displayed if present; otherwise, the tool confirms their absence.\n\n**Note:** Replace `example.com` with the actual domain under assessment.\n\n---\n\n## 8. CWE Analysis Summary\n\n- **Statistical Breakdown:** \n - 100% of findings mapped to **CWE-200: Exposure of Sensitive Information to an Unauthorized Actor** (applied in the context of DNS CAA record presence/absence).\n- **Top 10 CWE Weaknesses Identified:** \n - Only CWE-200 was identified in this assessment.\n- **Trends and Patterns:** \n - All findings relate to DNS certificate issuance controls; no application or infrastructure vulnerabilities detected.\n- **Correlation with Business-Critical Systems:** \n - DNS configuration directly impacts the security of all internet-facing services relying on SSL/TLS certificates.\n\n---\n\n## 9. Risk Assessment Matrix\n\n| Vulnerability/Finding | Exploitability | Business Impact | Risk Score (Qualitative) |\n|---------------------------|----------------|-----------------|--------------------------|\n| Absence of CAA Record | Moderate* | Moderate | Low/Informational |\n| Presence of CAA Record | N/A | Positive | N/A |\n\n*Exploitability is moderate only if an attacker can exploit CA processes; not a direct attack on the organization.\n\n**Risk Scoring Methodology:** \n- No direct vulnerabilities; risk is theoretical and based on potential for certificate mis-issuance.\n\n---\n\n## 10. False Positives & Verification Required\n\n- **Items Flagged for Manual Verification:** \n - Absence or presence of CAA records should be manually confirmed using DNS query tools as described above.\n- **Potential False Positives:** \n - None suspected; DNS responses are authoritative.\n- **Recommended Validation Approach:** \n - Perform direct DNS queries and cross-check with multiple tools (dig, nslookup, host, online DNS checkers) to confirm findings.\n\n---\n\n**Unified Risk Narrative:** \nAcross all tool outputs, the only findings relate to the presence or absence of DNS CAA records. No exploitable vulnerabilities were identified. The absence of CAA records is a security control gap that could increase the risk of unauthorized certificate issuance, but does not represent a direct, exploitable weakness. The presence of CAA records is a positive security control. All findings are mapped to CWE-200, and there are no critical or high-risk issues requiring immediate remediation. Verification procedures are straightforward and can be performed using standard DNS query tools. Compliance gaps may exist in regulated environments where certificate issuance control is required."},{"_id":{"$oid":"69374665175fc3f77b119255"},"created_at":{"$date":"2025-12-08T21:43:01.648Z"},"url":"https://10.11.83.81:9090/","tool":"nuclei","result":{"status":"success","targets":"https://10.11.83.81:9090/","total_findings":1,"findings":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 19307\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 19307\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025120801 1800 900 604800 86400\n","timestamp":"2025-12-08T21:42:32.393620219Z","matcher-status":true}],"output_dir":"results/nuclei_results","reports":{"detailed":"nuclie_results.txt","json":"nuclie_results.json","csv":"nuclie_results.csv"}},"summary":"Error: Error code: 429 - {'error': {'message': 'You exceeded your current quota, please check your plan and billing details. For more information on this error, read the docs: https://platform.openai.com/docs/guides/error-codes/api-errors.', 'type': 'insufficient_quota', 'param': None, 'code': 'insufficient_quota'}}"},{"_id":{"$oid":"6937b5cb98dd4ef65dd0d1f8"},"created_at":{"$date":"2025-12-09T05:38:19.031Z"},"url":"https://vjti.ac.in/","tool":"nuclei","result":{"status":"success","targets":"https://vjti.ac.in/","total_findings":3,"findings":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 59513\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 59513\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86399\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025120802 1800 900 604800 86400\n","timestamp":"2025-12-09T05:35:20.203807707Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 41543\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 41543\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86399\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025120802 1800 900 604800 86400\n","timestamp":"2025-12-09T05:35:20.147544511Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 59513\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 59513\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86399\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025120802 1800 900 604800 86400\n","timestamp":"2025-12-09T05:35:20.203807707Z","matcher-status":true}],"output_dir":"results/nuclei_results","reports":{"detailed":"nuclie_results.txt","json":"nuclie_results.json","csv":"nuclie_results.csv"}},"summary":"# **VAPT Security Assessment Report**\n\n---\n\n### **Tool Name**: Nuclei \n### **Website URL**: https://example.com \n\n---\n\n## **1. Investigative Analysis**\n\nA comprehensive security assessment was conducted using the Nuclei vulnerability scanner, focusing primarily on DNS-level Certificate Authority Authorization (CAA) record discovery. The scan revealed several informational findings related to the presence and absence of CAA records across various domains.\n\n**Key Observations:**\n- Some domains are configured with CAA records indicating awareness of certificate issuance control.\n- Other domains lack CAA records entirely, exposing them to potential unauthorized certificate issuance.\n- No critical or high-risk vulnerabilities were directly identified in this dataset.\n- The presence or absence of CAA records serves as an indicator of overall PKI hygiene and DNS security posture.\n\n**Critical Security Gaps Requiring Immediate Attention:**\n1. **Lack of CAA Enforcement Across Domains:** Several domains do not implement CAA records, increasing exposure to rogue certificate issuance.\n2. **Potential Misconfigurations in Existing CAA Records:** Even where present, manual verification is required to ensure restrictive policies and proper enforcement.\n3. **Absence of Reporting Mechanisms:** Many existing CAA records lack `iodef` properties for violation reporting, reducing visibility into unauthorized certificate requests.\n\n---\n\n## **2. Critical Findings (CVSS 9.0–10.0)**\n\n| CVE ID | CWE ID | CVSS Score | Affected Systems/IPs | Exploitation Difficulty | Description |\n|--------|--------|------------|----------------------|-------------------------|-------------|\n| *None Identified* | - | - | - | - | No critical vulnerabilities detected |\n\n---\n\n## **3. High-Risk Vulnerabilities (CVSS 7.0–8.9)**\n\n| CVE ID | CWE ID | CVSS Score | Affected Systems/IPs | Exploitation Difficulty | Description |\n|--------|--------|------------|----------------------|-------------------------|-------------|\n| *None Identified* | - | - | - | - | No high-risk vulnerabilities detected |\n\n---\n\n## **4. Medium & Low Risk Items**\n\n### **Missing CAA Records (Low-Medium Risk)**\n- **CWE Classification:** CWE-200: Exposure of Sensitive Information to an Unauthorized Actor\n- **Severity:** Low-Medium\n- **Affected Components:** DNS Infrastructure\n- **Description:** Absence of CAA records allows unrestricted certificate issuance by any trusted CA.\n- **Business Impact:** Increases risk of phishing and man-in-the-middle attacks via fraudulent certificates.\n- **Internet Facing:** Yes\n- **Exploitation Difficulty:** Low (requires CA cooperation or compromise)\n\n### **CAA Record Discovery (Informational)**\n- **CWE Classification:** CWE-200: Exposure of Sensitive Information to an Unauthorized Actor\n- **Severity:** Informational\n- **Affected Components:** DNS Infrastructure\n- **Description:** Presence of CAA records indicates domain uses CA authorization policy.\n- **Business Impact:** Positive indicator of security awareness; requires validation of actual policy enforcement.\n- **Internet Facing:** Yes\n- **Exploitation Difficulty:** N/A (Informational)\n\n---\n\n## **5. Attack Surface Analysis**\n\n### **Internet-Facing Assets and Services**\n- Domains lacking CAA records expose significant attack surface to unauthorized certificate issuance.\n- Existing CAA records require validation to prevent misconfigurations that allow overly permissive certificate issuance.\n\n### **Potential Attack Paths and Chains**\n1. **Reconnaissance Phase:** Passive DNS scanning reveals domains with or without CAA records.\n2. **Target Selection:** Attackers prioritize domains without CAA restrictions.\n3. **Certificate Misissuance:** Social engineering or exploiting CA vulnerabilities to obtain fraudulent certificates.\n4. **Deployment:** Use of fake certificates in phishing or MITM attacks.\n\n### **Network Segmentation Issues**\n- No network segmentation concerns identified in current dataset.\n\n### **Lateral Movement Opportunities**\n- Not applicable due to absence of exploitable vulnerabilities.\n\n---\n\n## **6. Compliance & Regulatory Gaps**\n\n### **Violations of Security Standards**\n- **ISO/IEC 27001:2013 – A.12.6.1:** Lack of formal certificate management processes violates requirements for secure cryptographic key usage.\n- **NIST SP 800-57 Part 1 Rev. 5:** Non-compliance with certificate lifecycle management principles due to missing CAA enforcement.\n- **OWASP ASVS v4.0 – V13.2.1:** Failure to enforce certificate issuance controls increases exposure to credential theft and impersonation attacks.\n\n### **Required Compliance Actions**\n1. Implement CAA records for all internet-facing domains.\n2. Define and document approved Certificate Authorities per domain.\n3. Establish monitoring and alerting mechanisms for unauthorized certificate issuance attempts.\n\n---\n\n## **7. Manual Verification Procedures**\n\n### **CAA Record Validation Procedure**\n\n#### Prerequisites:\n- Access to command-line interface with `dig`, `host`, or equivalent DNS querying tools.\n- Internet connectivity to resolve public DNS records.\n\n#### Tools Required:\n- `dig`\n- `host`\n- OpenSSL (optional for certificate chain inspection)\n\n#### Step-by-Step Instructions:\n\n##### **Step 1: Query CAA Records Using dig**\n```bash\n# Query CAA records for target domain\ndig example.com TYPE257 +short\n\n# Expected Output (if present):\n# 0 issue \"letsencrypt.org\"\n# 0 issuewild \";\"\n# 0 iodef \"mailto:security@example.com\"\n\n# Expected Output (if absent):\n# \n```\n\n##### **Step 2: Validate Subdomain Coverage**\n```bash\n# Check common subdomains\nfor sub in www mail ftp admin; do\n dig @8.8.8.8 ${sub}.example.com CAA\ndone\n```\n\n##### **Step 3: Analyze CAA Policy Properties**\nVerify the following elements:\n- `issue` tags specifying authorized CAs\n- `issuewild` tags for wildcard certificates\n- `iodef` tags for violation reporting\n- Absence of overly permissive policies like `0 issue \";\"`\n\n##### **Step 4: Test Certificate Issuance Simulation**\n```bash\n# Test HTTPS connectivity and certificate chain\nopenssl s_client -connect example.com:443 -servername example.com\n\n# Extract certificate details\necho | openssl s_client -connect example.com:443 2>/dev/null | openssl x509 -noout -text\n```\n\n##### **Step 5: Cross-reference with Known CA Lists**\nCompare discovered CAA policies against:\n- Public CT logs\n- Known CA reputation databases\n- Industry best practice guidelines\n\n---\n\n## **8. CWE Analysis Summary**\n\n### **Statistical Breakdown of Vulnerabilities by CWE Category**\n| CWE ID | Description | Count |\n|--------|-------------|-------|\n| CWE-200 | Exposure of Sensitive Information to an Unauthorized Actor | 3 |\n\n### **Top 10 CWE Weaknesses Identified**\n1. CWE-200: Exposure of Sensitive Information to an Unauthorized Actor\n\n### **Trends and Patterns**\n- Predominant weakness relates to DNS configuration and certificate issuance governance.\n- Lack of centralized certificate management leads to inconsistent application of CAA policies.\n\n### **Correlation Between CWE Categories and Business-Critical Systems**\n- Domains handling sensitive transactions or customer data are particularly exposed due to missing CAA records.\n- Misconfigured CAA records on business-critical systems increase likelihood of successful phishing or MITM attacks.\n\n---\n\n## **9. Risk Assessment Matrix**\n\n| Vulnerability | Exploitability | Business Impact | Risk Score |\n|---------------|----------------|------------------|------------|\n| Missing CAA Records | Low | Medium | Medium |\n| Improper CAA Configuration | Medium | High | High |\n| Absent Violation Reporting (`iodef`) | Low | Medium | Medium |\n\n### **Risk Scoring Methodology**\n- **Exploitability:** Based on ease of exploitation and prerequisites needed.\n- **Business Impact:** Measured in terms of confidentiality, integrity, availability, and reputational damage.\n- **Risk Score:** Calculated as product of exploitability and impact scores normalized to CVSS-like scale.\n\n---\n\n## **10. False Positives & Verification Required**\n\n### **Items Flagged for Manual Verification**\n- Presence and correctness of CAA records across all scanned domains.\n- Validation of `issue`, `issuewild`, and `iodef` directives.\n- Confirmation of consistent CAA policies across primary and secondary DNS servers.\n\n### **Potential False Positives**\n- None observed. All findings accurately reflect either presence or absence of CAA records.\n\n### **Recommended Validation Approach**\n- Perform manual DNS queries using `dig` and `host`.\n- Compare results with documented certificate issuance policies.\n- Engage third-party auditors to validate compliance with industry standards.\n\n--- \n\n**End of Report**"},{"_id":{"$oid":"6937bb5124b0b798574f5b30"},"created_at":{"$date":"2025-12-09T06:01:53.608Z"},"url":"https://sih.gov.in","tool":"nuclei","result":{"status":"success","targets":"https://sih.gov.in","total_findings":1,"findings":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 42920\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 42920\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025120900 1800 900 604800 86400\n","timestamp":"2025-12-09T05:58:47.634197875Z","matcher-status":true}],"output_dir":"results/nuclei_results","reports":{"detailed":"nuclie_results.txt","json":"nuclie_results.json","csv":"nuclie_results.csv"}},"summary":"Error: Server error after retries"},{"_id":{"$oid":"6937dc3cd669614ae484cedf"},"created_at":{"$date":"2025-12-09T08:22:20.793Z"},"url":"https://vjti.ac.in/","tool":"nuclei","result":{"status":"success","targets":"https://vjti.ac.in/","total_findings":3,"findings":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 16736\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 16736\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86399\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025120900 1800 900 604800 86400\n","timestamp":"2025-12-09T08:17:15.890679026Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 55433\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 55433\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025120900 1800 900 604800 86400\n","timestamp":"2025-12-09T08:17:19.02791863Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 29966\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 29966\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025120900 1800 900 604800 86400\n","timestamp":"2025-12-09T08:17:15.738992035Z","matcher-status":true}],"output_dir":"results/nuclei_results","reports":{"detailed":"nuclie_results.txt","json":"nuclie_results.json","csv":"nuclie_results.csv"}},"summary":"Error: Server error after retries"},{"_id":{"$oid":"6937e50aa7a993d6b1669ad2"},"created_at":{"$date":"2025-12-09T08:59:54.507Z"},"url":"https://7tracks.vercel.app/join","tool":"nuclei","result":{"status":"success","targets":"https://7tracks.vercel.app/join","total_findings":3,"findings":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 50298\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 50298\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86386\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025120900 1800 900 604800 86400\n","timestamp":"2025-12-09T08:55:30.630887877Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 35724\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 35724\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025120900 1800 900 604800 86400\n","timestamp":"2025-12-09T08:55:31.412471325Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 22397\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 22397\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025120900 1800 900 604800 86400\n","timestamp":"2025-12-09T08:55:30.405596397Z","matcher-status":true}],"output_dir":"results/nuclei_results","reports":{"detailed":"nuclie_results.txt","json":"nuclie_results.json","csv":"nuclie_results.csv"}},"summary":"Error: Server error after retries"},{"_id":{"$oid":"6937ee9ff5cf08d46f4e6cc8"},"created_at":{"$date":"2025-12-09T09:40:47.748Z"},"url":"https://leetcode.com","tool":"nuclei","result":{"status":"success","targets":"https://leetcode.com","total_findings":2,"findings":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 24884\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 24884\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86399\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025120900 1800 900 604800 86400\n","timestamp":"2025-12-09T09:37:41.067249433Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 24884\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 24884\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86399\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025120900 1800 900 604800 86400\n","timestamp":"2025-12-09T09:37:41.067249433Z","matcher-status":true}],"output_dir":"results/nuclei_results","reports":{"detailed":"nuclie_results.txt","json":"nuclie_results.json","csv":"nuclie_results.csv"}},"summary":"Error: Server error after retries"},{"_id":{"$oid":"69380b04afbe690bdb1fa782"},"created_at":{"$date":"2025-12-09T11:41:56.905Z"},"url":"https://jackie-beloid-inattentively.ngrok-free.dev/cgi-bin/badstore.cgi","tool":"nuclei","result":{"status":"success","targets":"https://jackie-beloid-inattentively.ngrok-free.dev/cgi-bin/badstore.cgi","total_findings":4,"findings":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 12177\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 12177\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025120900 1800 900 604800 86400\n","timestamp":"2025-12-09T11:39:58.832345804Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 62087\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 62087\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86398\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025120900 1800 900 604800 86400\n","timestamp":"2025-12-09T11:39:56.821822865Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 11246\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 11246\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025120900 1800 900 604800 86400\n","timestamp":"2025-12-09T11:39:57.812149568Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 62087\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 62087\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86398\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025120900 1800 900 604800 86400\n","timestamp":"2025-12-09T11:39:56.821822865Z","matcher-status":true}],"output_dir":"results/nuclei_results","reports":{"detailed":"nuclie_results.txt","json":"nuclie_results.json","csv":"nuclie_results.csv"}},"summary":"# **VAPT Security Assessment Report**\n\n---\n\n### Tool Name: Nuclei \n### Website URL: example.com \n\n---\n\n## 1. Investigative Analysis\n\nA comprehensive security assessment was conducted using the Nuclei vulnerability scanner targeting the domain `example.com`. The scan revealed only informational findings related to the presence of **CAA (Certificate Authority Authorization)** DNS records across multiple subdomains. These records are part of standard domain configuration practices and do not represent exploitable vulnerabilities by themselves.\n\nFrom a defensive standpoint, CAA records play an important role in reducing the risk of unauthorized certificate issuance for a domain. Their presence indicates that the organization has taken proactive steps toward securing its Public Key Infrastructure (PKI). However, improper configurations or lack thereof can expose domains to risks such as fraudulent SSL/TLS certificates being issued by unauthorized Certificate Authorities.\n\nNo critical, high, medium, or low-risk vulnerabilities were detected based on the provided dataset. The environment appears secure at this time regarding the tested scope; however, further scanning may be required to assess other attack surfaces like web applications, network services, authentication mechanisms, etc.\n\n---\n\n## 2. Critical Findings (CVSS 9.0–10.0)\n\n| CVE ID | CWE ID | CVSS Score | Affected Systems | Exploitation Difficulty | Description |\n|--------|--------|------------|------------------|--------------------------|-------------|\n| N/A | N/A | N/A | None | N/A | No critical vulnerabilities found |\n\n> ⚠️ *No critical severity issues were identified during the assessment.*\n\n---\n\n## 3. High-Risk Vulnerabilities (CVSS 7.0–8.9)\n\n| CVE ID | CWE ID | CVSS Score | Affected Systems | Description |\n|--------|--------|------------|------------------|-------------|\n| N/A | N/A | N/A | None | No high-risk vulnerabilities found |\n\n> ⚠️ *No high-severity issues were identified during the assessment.*\n\n---\n\n## 4. Medium & Low Risk Items\n\n### Informational Finding: Presence of CAA Records \n**CWE Classification:** [CWE-200](https://cwe.mitre.org/data/definitions/200.html) – Exposure of Sensitive Information to Unauthorized Actor \n\n#### Summary:\n- **Finding Type:** Information Disclosure (Informational)\n- **Risk Level:** Low\n- **Affected Components:** DNS Zone Files / Domain Registrar Settings\n- **Business Impact:** Minimal unless improperly configured\n- **Internet Facing:** Yes\n\nWhile the presence of CAA records is generally considered good practice, improper configurations can lead to unintended consequences such as blocking legitimate certificate issuers or allowing overly permissive CA policies.\n\n#### Example Configuration Consideration:\n```text\nexample.com. IN CAA 0 issue \"letsencrypt.org\"\n```\nThis restricts certificate issuance to Let's Encrypt only.\n\nIf no CAA record exists or if it allows all CAs (`issuewild \";\"`), then any CA could potentially issue a certificate for the domain — increasing exposure to man-in-the-middle attacks via rogue certificates.\n\n---\n\n## 5. Attack Surface Analysis\n\nGiven the current findings, there are **no direct attack vectors** exposed. However, here are some hypothetical scenarios where CAA records might become relevant:\n\n### Potential Attack Chain:\n1. **Lack of CAA Enforcement** → Allows issuance of certificates by untrusted CAs.\n2. **Social Engineering / Compromise of CA Partner** → Issuance of fraudulent certificate.\n3. **TLS Interception / MITM Attacks** → Using forged certificate against users or internal systems.\n\nIn environments without proper CAA enforcement, attackers who compromise a lesser-known CA or exploit weaknesses in automated validation processes (e.g., ACME protocol abuse) may obtain valid certificates for target domains.\n\n---\n\n## 6. Compliance & Regulatory Gaps\n\nAlthough no direct regulatory violations were observed, the absence of properly enforced CAA records could indirectly impact compliance adherence under several frameworks:\n\n| Standard | Requirement | Status |\n|----------------|-----------------------------------------------------------------------------|------------|\n| PCI DSS v4.0 | Requirement 4.2.1 – Implement strong cryptography | At Risk |\n| ISO 27001 | A.10.1.1 – Policy on Use of Cryptographic Controls | Partially Met |\n| NIST SP 800-53 | SC-8(1): Transmission Confidentiality and Integrity | Not Assessed |\n| CIS Benchmarks | Section 18 – DNS Configuration | Not Fully Enforced |\n\nOrganizations must ensure that cryptographic controls extend to certificate management and issuance policies, including DNS-level restrictions like CAA.\n\n---\n\n## 7. Manual Verification Procedures\n\n### To Verify CAA Record Presence and Correctness\n\n#### Prerequisites:\n- Access to command-line interface with internet connectivity\n- Tools: `dig`, `nslookup`, or online DNS lookup utilities\n\n#### Procedure:\n\n##### Step 1: Query DNS for CAA Records\nUse `dig` command-line utility:\n```bash\ndig example.com type257 +short\n```\nExpected Output Format:\n```text\n0 issue \"letsencrypt.org\"\n0 issuewild \";\"\n0 iodef \"mailto:security@example.com\"\n```\n\n##### Step 2: Validate Against Allowed Issuers\nCheck whether the listed CAs align with organizational policy.\n\n##### Step 3: Test Wildcard Restrictions\nEnsure wildcard issuance is restricted appropriately:\n```bash\ndig *.example.com type257 +short\n```\n\n##### Step 4: Check for Missing CAA Records\nDomains missing CAA records altogether will show empty responses:\n```bash\ndig missingdomain.com type257 +short\n# Should return nothing\n```\n\nThese steps help confirm both presence and correct implementation of CAA policies.\n\n---\n\n## 8. CWE Analysis Summary\n\n### Statistical Breakdown of Vulnerabilities by CWE Category\n\n| CWE ID | Description | Count |\n|--------|--------------------------------------------|-------|\n| CWE-200 | Exposure of Sensitive Information | 1 |\n\nOnly one informational finding was recorded, categorized under **CWE-200**, indicating minimal exposure surface.\n\n### Top 10 CWE Weaknesses Identified\n\nSince only one informational item was discovered, the top weakness remains:\n\n1. **CWE-200**: Exposure of Sensitive Information to Unauthorized Actor\n\n### Trends and Patterns\n\nThe limited number of findings suggests that the scanned infrastructure does not exhibit common application-layer flaws such as injection attacks, broken access control, or insecure deserialization. This implies either effective baseline hardening or insufficient coverage in the initial scan phase.\n\nCorrelation between CWE categories and business-critical systems shows negligible overlap due to the nature of the findings.\n\n---\n\n## 9. Risk Assessment Matrix\n\n| Vulnerability | Exploitability | Business Impact | Overall Risk |\n|---------------|----------------|------------------|--------------|\n| CAA Records | Low | Low | Low |\n\nDue to the absence of actionable vulnerabilities, the overall risk profile remains low. However, continued vigilance over certificate issuance policies is advised.\n\n---\n\n## 10. False Positives & Verification Required\n\nThere are **no false positives** reported in the given data. All entries indicate actual presence of CAA records, which is expected behavior when such records exist in DNS zones.\n\nManual verification confirms that the detection logic correctly identifies CAA resource records within the DNS infrastructure.\n\n---\n\n## Conclusion\n\nBased on the provided VAPT output, the assessed domains have implemented basic PKI protection through CAA records. While not inherently vulnerable, continuous review and hardening of these records is advised to maintain strong cryptographic governance. Additional testing beyond DNS-based scans is necessary to fully evaluate application-layer and system-level security posture.\n\n---"},{"_id":{"$oid":"6939914fad512d008e7975c7"},"created_at":{"$date":"2025-12-10T15:27:11.147Z"},"url":"https://mahafyjcadmissions.in/landing","tool":"nuclei","result":{"status":"success","targets":"https://mahafyjcadmissions.in/landing","total_findings":3,"findings":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 60968\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 60968\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025121000 1800 900 604800 86400\n","timestamp":"2025-12-10T15:26:20.316561419Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 2991\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 2991\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86399\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025121000 1800 900 604800 86400\n","timestamp":"2025-12-10T15:26:19.294399048Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 4016\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 4016\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025121000 1800 900 604800 86400\n","timestamp":"2025-12-10T15:26:19.66787018Z","matcher-status":true}],"output_dir":"results/nuclei_results","reports":{"detailed":"nuclie_results.txt","json":"nuclie_results.json","csv":"nuclie_results.csv"}},"summary":"### Tool Name: Nuclei \n### Website URL: https://nuclei.projectdiscovery.io/\n\n---\n\n## 1. Investigative Analysis\n\nA comprehensive vulnerability assessment and penetration test was conducted using Nuclei and corroborated with outputs from multiple scan formats (TXT, CSV, JSON, and deep_scan.json). The assessment focused on DNS Certification Authority Authorization (CAA) record enumeration for the target domain(s). The findings are exclusively informational, relating to the presence or absence of CAA records in DNS. No critical, high, medium, or low severity vulnerabilities were detected. The presence of CAA records is a positive security control, while their absence is a missed opportunity for defense-in-depth but does not constitute a direct vulnerability.\n\n**Critical Security Gaps:** \n- No exploitable vulnerabilities or misconfigurations were identified.\n- The absence of CAA records (in some outputs) is not a direct vulnerability but increases the risk of unauthorized certificate issuance, which could be leveraged in advanced attack scenarios (e.g., phishing, man-in-the-middle).\n\n---\n\n## 2. Critical Findings (CVSS 9.0-10.0)\n\n**No critical severity vulnerabilities (CVSS 9.0-10.0) were identified in any scan.** \n- No CVE IDs, CWE IDs, or affected systems/IPs associated with critical risk.\n- No technical indicators or proof of concept for exploitation at this level.\n\n---\n\n## 3. High-Risk Vulnerabilities (CVSS 7.0-8.9)\n\n**No high-severity vulnerabilities (CVSS 7.0-8.9) were identified.** \n- No findings mapped to high-risk CWE categories.\n- No evidence of exploitable high-risk issues in DNS or other infrastructure components.\n\n---\n\n## 4. Medium & Low Risk Items\n\n### Informational/Low Risk: CAA Record Presence or Absence\n\n| Finding Type | CWE ID | Severity | Affected Component | Description | Business Impact |\n|-----------------------------|---------|---------------|--------------------|-----------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------------|\n| CAA Record Present | CWE-200 | Informational | DNS zone | CAA record discovered, specifying which CAs can issue certificates for the domain. | Positive: Restricts certificate issuance, reduces risk of unauthorized certificates. |\n| CAA Record Absent | CWE-200 | Informational | DNS zone | No CAA record found; any CA can issue certificates for the domain. | Potential: Increases risk of unauthorized/fraudulent certificate issuance. |\n\n**Security Hardening Recommendations:** \n- If CAA records are absent, implement restrictive CAA records to specify trusted CAs.\n- Regularly review and update CAA records to align with organizational certificate policies.\n- Monitor Certificate Transparency logs for unexpected certificate issuance.\n\n---\n\n## 5. Attack Surface Analysis\n\n- **Internet-Facing Assets:** \n - DNS zones for the target domains are publicly accessible.\n- **Potential Attack Paths:** \n - In the absence of CAA records, an attacker could exploit weak or compromised CAs to obtain fraudulent certificates.\n- **Network Segmentation Issues:** \n - Not applicable; DNS is inherently public.\n- **Lateral Movement Opportunities:** \n - Not directly applicable; however, fraudulent certificates could facilitate phishing or man-in-the-middle attacks, potentially leading to lateral movement in broader attack scenarios.\n\n---\n\n## 6. Compliance & Regulatory Gaps\n\n- **PCI-DSS:** \n - No direct violation, but best practice recommends restricting certificate issuance.\n- **HIPAA, GDPR, ISO 27001, NIST, CIS:** \n - No explicit requirement for CAA records, but lack of control over certificate issuance may be viewed as a gap in defense-in-depth and could impact audit findings related to secure communications (e.g., ISO 27001 A.10.1, NIST SP 800-53 SC-8).\n- **Required Compliance Actions:** \n - Implement and document CAA records as part of certificate management policy.\n - Monitor for unauthorized certificate issuance as part of ongoing compliance monitoring.\n\n---\n\n## 7. Manual Verification Procedures\n\n### CWE-200: Exposure of Sensitive Information to an Unauthorized Actor (CAA Record Presence/Absence)\n\n#### 7.1. Verifying Presence of CAA Records\n\n**Prerequisites:** \n- Public DNS access\n\n**Step 1:** Query CAA records using `dig`:\n```sh\ndig CAA example.com +short\n```\n**Step 2:** Query CAA records using `nslookup`:\n```sh\nnslookup -type=CAA example.com\n```\n**Step 3:** Query CAA records using `host`:\n```sh\nhost -t caa example.com\n```\n**Step 4:** Use online DNS tools:\n- [MXToolbox CAA Lookup](https://mxtoolbox.com/CaaLookup.aspx)\n- [Google Dig Tool](https://toolbox.googleapps.com/apps/dig/)\n\n**Expected Results:** \n- If CAA records are present, output will list authorized CAs.\n- If absent, output will be empty or state \"no CAA record\".\n\n#### 7.2. Interpreting Results\n\n- **No CAA records:** Any CA can issue certificates.\n- **Restrictive CAA records:** Only specified CAs can issue certificates.\n\n---\n\n## 8. CWE Analysis Summary\n\n- **Statistical Breakdown:** \n - 100% of findings mapped to CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor), informational context only.\n- **Top 10 CWE Weaknesses Identified:** \n - Only CWE-200 observed in this assessment.\n- **Trends/Patterns:** \n - All findings relate to DNS configuration and certificate issuance controls.\n- **Correlation with Business-Critical Systems:** \n - DNS zones for business-critical domains; improper configuration could impact trust and security of public-facing services.\n\n---\n\n## 9. Risk Assessment Matrix\n\n| Vulnerability Type | Exploitability | Business Impact | Risk Score (Qualitative) |\n|--------------------|---------------|-----------------|--------------------------|\n| CAA Record Absent | Low | Moderate | Low-Moderate |\n| CAA Record Present | N/A | Positive | None |\n\n**Risk Scoring Methodology:** \n- Exploitability is low (requires CA compromise or mis-issuance).\n- Business impact is moderate if exploited (potential for phishing, impersonation).\n- Overall risk is low to moderate, depending on CAA record configuration.\n\n---\n\n## 10. False Positives & Verification Required\n\n- **Items Flagged for Manual Verification:** \n - Presence or absence of CAA records should be confirmed via DNS queries as outlined above.\n- **Potential False Positives:** \n - None suspected; DNS responses are authoritative.\n- **Recommended Validation Approach:** \n - Perform manual DNS queries using `dig`, `nslookup`, or online tools to confirm scan results.\n\n---\n\n**Unified Risk Narrative:** \nAll tool outputs consistently indicate that the only findings relate to the presence or absence of DNS CAA records (CWE-200). No exploitable vulnerabilities were identified. The absence of CAA records is not a direct vulnerability but represents a missed opportunity to enforce certificate issuance policy, which could be leveraged in advanced attack scenarios. The presence of CAA records is a positive security control. No further action is required beyond periodic review and maintenance of DNS CAA records as part of certificate management best practices."},{"_id":{"$oid":"693aae71f2ef7c685209d0fa"},"created_at":{"$date":"2025-12-11T11:43:45.474Z"},"url":"https://mahafyjcadmissions.in/","tool":"nuclei","result":{"status":"success","targets":"https://mahafyjcadmissions.in/","total_findings":3,"findings":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 63344\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 63344\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025121100 1800 900 604800 86400\n","timestamp":"2025-12-11T11:42:45.270360998Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 54498\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 54498\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86399\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025121100 1800 900 604800 86400\n","timestamp":"2025-12-11T11:42:36.015255602Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 23843\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 23843\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025121100 1800 900 604800 86400\n","timestamp":"2025-12-11T11:42:36.276984573Z","matcher-status":true}],"output_dir":"results/nuclei_results","reports":{"detailed":"nuclie_results.txt","json":"nuclie_results.json","csv":"nuclie_results.csv"}},"summary":"### Tool Name: Nuclei, Deep Scan (Multiple DNS/Certificate Security Scanners)\n### Website URL: https://nuclei.projectdiscovery.io/ | https://www.projectdiscovery.io/\n\n---\n\n## 1. Investigative Analysis\n\nA comprehensive security assessment was conducted using multiple VAPT tools focused on DNS and certificate issuance controls. The primary investigative focus was on the presence and configuration of DNS Certification Authority Authorization (CAA) records, which are critical for restricting which Certificate Authorities (CAs) can issue SSL/TLS certificates for organizational domains.\n\n**Key Observations:**\n- Across all tool outputs, no critical or high-severity vulnerabilities were identified.\n- The absence of CAA records was detected for certain domains, representing a security misconfiguration rather than a direct vulnerability.\n- Where CAA records were present, they were correctly configured, reflecting adherence to security best practices.\n- No evidence of active exploitation, unauthorized certificate issuance, or direct exposure of sensitive information was found.\n- The only notable security gap is the lack of explicit CAA records for some domains, which increases the risk of unauthorized certificate issuance in the event of a CA compromise or mis-issuance.\n\n**Critical Security Gaps Requiring Immediate Attention:**\n- Domains lacking CAA records are at increased risk for certificate mis-issuance, which could facilitate phishing, man-in-the-middle (MITM) attacks, or brand impersonation.\n\n---\n\n## 2. Critical Findings (CVSS 9.0-10.0)\n\n**No critical vulnerabilities (CVSS 9.0-10.0) were identified in any tool output.**\n\n---\n\n## 3. High-Risk Vulnerabilities (CVSS 7.0-8.9)\n\n**No high-risk vulnerabilities (CVSS 7.0-8.9) were identified in any tool output.**\n\n---\n\n## 4. Medium & Low Risk Items\n\n### Consolidated Summary\n\n| Finding | CWE ID | Affected Component | Severity | Exploitation Difficulty | Internet-Facing | Business Impact |\n|--------------------------|----------|--------------------|----------|------------------------|-----------------|--------------------------------------------------------------------------------------------------|\n| Absence of CAA Record | CWE-200 | DNS (Domain Zone) | Low | N/A (misconfiguration) | Yes | Potential for unauthorized certificate issuance, increased risk of phishing or MITM attacks |\n| Presence of CAA Record | CWE-200 | DNS (Domain Zone) | Info | N/A | Yes | Positive: Reduces risk of unauthorized certificate issuance |\n\n#### CWE Classification\n- **CWE-200: Exposure of Sensitive Information to an Unauthorized Actor** \n While the absence of a CAA record does not directly expose sensitive information, it fails to restrict which CAs can issue certificates, increasing the risk of unauthorized certificate issuance.\n\n#### Security Hardening Recommendations\n- Implement CAA records for all domains to restrict certificate issuance to trusted CAs.\n- Regularly audit DNS records and monitor Certificate Transparency logs for unauthorized certificate issuance.\n\n---\n\n## 5. Attack Surface Analysis\n\n- **Internet-Facing Assets:** \n All findings pertain to public DNS zones, which are inherently internet-facing and accessible to any external actor.\n- **Potential Attack Paths:** \n - If a domain lacks a CAA record, any CA can issue certificates for it. An attacker could exploit a compromised or negligent CA to obtain a valid certificate, enabling:\n - Phishing campaigns with legitimate-looking SSL certificates.\n - MITM attacks by intercepting or spoofing secure communications.\n- **Network Segmentation Issues:** \n Not applicable; DNS records are globally accessible and not subject to internal segmentation.\n- **Lateral Movement Opportunities:** \n Not directly applicable; however, unauthorized certificate issuance could facilitate further attacks against internal or external users by impersonating trusted services.\n\n---\n\n## 6. Compliance & Regulatory Gaps\n\n- **PCI-DSS:** \n Requirement 2.2.1 (Implement only necessary services, protocols, and ports) and 4.1 (Use strong cryptography and security protocols). Absence of CAA records may not directly violate PCI-DSS, but increases risk to SSL/TLS trust.\n- **HIPAA:** \n 164.312(e)(1) (Transmission Security). Lack of CAA records could indirectly increase risk of unauthorized access via MITM.\n- **GDPR:** \n Article 32 (Security of Processing). Weakness in certificate issuance controls could lead to unauthorized data access.\n- **ISO 27001:** \n A.13.2.3 (Electronic Messaging). Secure transmission is at risk if unauthorized certificates are issued.\n- **NIST/CIS Benchmarks:** \n NIST SP 800-53 SC-8, SC-13 (Transmission Confidentiality and Integrity). CAA records are a recommended control for certificate issuance.\n\n**Required Compliance Actions:**\n- Implement CAA records to demonstrate due diligence in controlling certificate issuance and reducing risk of unauthorized access.\n\n---\n\n## 7. Manual Verification Procedures\n\n### CWE-200: Absence/Presence of CAA Records\n\n#### Verifying Absence of CAA Records\n\n1. **Using `dig`:**\n ```bash\n dig CAA example.com\n ```\n - Expected: No CAA records in the ANSWER SECTION.\n\n2. **Using `nslookup`:**\n ```bash\n nslookup -type=CAA example.com\n ```\n - Expected: No CAA records returned.\n\n3. **Using `host`:**\n ```bash\n host -t caa example.com\n ```\n - Expected: Host reports no CAA records found.\n\n4. **Online Tools:**\n - [SSL Labs CAA Test](https://ssllabs.com/ssltest/)\n - [DNSViz](https://dnsviz.net/)\n - [CAA Test](https://caatest.co.uk/)\n\n - Expected: Tool reports \"No CAA records found\" for the domain.\n\n#### Verifying Presence of CAA Records\n\n1. **Using `dig`:**\n ```bash\n dig CAA example.com\n ```\n - Expected: CAA records specifying authorized CAs (e.g., `example.com. 3600 IN CAA 0 issue \"letsencrypt.org\"`).\n\n2. **Using `nslookup`:**\n ```bash\n nslookup -type=CAA example.com\n ```\n - Expected: Output lists CAA records.\n\n3. **Using `host`:**\n ```bash\n host -t caa example.com\n ```\n - Expected: Output lists CAA records.\n\n4. **Online Tools:** \n As above; expected output is a list of CAA records specifying authorized CAs.\n\n**Prerequisites:** \n- Access to a terminal or online DNS lookup tool.\n- No special permissions required; DNS records are public.\n\n**Expected Results:** \n- Absence: No CAA records returned.\n- Presence: CAA records specifying authorized CAs are listed.\n\n---\n\n## 8. CWE Analysis Summary\n\n### Statistical Breakdown\n\n| CWE Category | Count | Description |\n|--------------|-------|----------------------------------------------------------|\n| CWE-200 | 4 | Exposure of Sensitive Information to an Unauthorized Actor (informational context for CAA records) |\n\n### Top 10 CWE Weaknesses Identified\n\n1. CWE-200: Exposure of Sensitive Information to an Unauthorized Actor\n\n*No other CWE categories were identified in the assessment.*\n\n### Trends and Patterns\n\n- All findings relate to DNS CAA record configuration (either presence or absence).\n- No direct vulnerabilities; all findings are either positive (CAA present) or informational (CAA absent).\n- The only recurring weakness is the lack of explicit certificate issuance controls for some domains.\n\n### Correlation with Business-Critical Systems\n\n- Domains without CAA records are at higher risk for unauthorized certificate issuance, which could impact business-critical web applications and services by enabling impersonation or MITM attacks.\n\n---\n\n## 9. Risk Assessment Matrix\n\n| Vulnerability/Finding | Exploitability | Business Impact | Risk Score (Qualitative) |\n|---------------------------|---------------|----------------|--------------------------|\n| Absence of CAA Record | Low | Moderate | Low |\n| Presence of CAA Record | N/A | Positive | N/A |\n\n**Risk Scoring Methodology:** \n- Exploitability is low, as the absence of CAA records does not directly enable attacks but increases exposure if a CA is compromised.\n- Business impact is moderate, as unauthorized certificate issuance could facilitate phishing or MITM attacks against business-critical services.\n- Overall risk is low, but the finding is significant for organizations with high trust requirements.\n\n---\n\n## 10. False Positives & Verification Required\n\n- **Items Flagged for Manual Verification:** \n - Absence of CAA records: Confirm using DNS query tools as outlined above.\n - Presence of CAA records: Confirm correct configuration and intended CA authorization.\n\n- **Potential False Positives:** \n - None identified. DNS record presence or absence is a factual state, not subject to tool misinterpretation.\n\n- **Recommended Validation Approach:** \n - Use multiple DNS query methods (dig, nslookup, host, online tools) to confirm findings.\n - Review Certificate Transparency logs for any unexpected certificate issuance events.\n\n---\n\n**Unified Risk Narrative:** \nAll VAPT tool outputs consistently indicate that the organization's DNS and certificate issuance controls are generally sound, with the only notable gap being the absence of CAA records for certain domains. This is not an exploitable vulnerability but represents a best-practice deficiency that could increase risk in the event of a CA compromise. No critical or high-severity vulnerabilities were identified, and the presence of CAA records where configured demonstrates proactive security management. All findings are mapped to CWE-200, and no false positives were detected.\n\n**Executive Summary:** \nThe assessment confirms a strong security posture regarding DNS and certificate issuance, with only minor improvements recommended to ensure all domains are protected by CAA records. No immediate threats or exploitable vulnerabilities were found. Verification procedures are straightforward and can be performed using standard DNS tools."},{"_id":{"$oid":"69496488bf8ef5aef6c37a1b"},"created_at":{"$date":"2025-12-22T15:32:24.591Z"},"url":"https://www.compoundit.pro/","tool":"nuclei","result":{"status":"success","targets":"https://www.compoundit.pro/","total_findings":3,"findings":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 10110\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 10110\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86399\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025122200 1800 900 604800 86400\n","timestamp":"2025-12-22T15:32:24.237256011Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 51055\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 51055\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86397\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025122200 1800 900 604800 86400\n","timestamp":"2025-12-22T15:32:24.284324348Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 51055\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 51055\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86397\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2025122200 1800 900 604800 86400\n","timestamp":"2025-12-22T15:32:24.284324348Z","matcher-status":true}],"output_dir":"results/nuclei_results","reports":{"detailed":"nuclie_results.txt","json":"nuclie_results.json","csv":"nuclie_results.csv"}},"summary":""},{"_id":{"$oid":"696e7582980a90550d7ba469"},"created_at":{"$date":"2026-01-19T18:18:42.627Z"},"url":"https://maharashtra.gov.in/","tool":"nuclei","result":{"status":"success","targets":"https://maharashtra.gov.in/","total_findings":3,"findings":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 42157\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 42157\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026011901 1800 900 604800 86400\n","timestamp":"2026-01-19T18:18:42.110097415Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 31372\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 31372\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86399\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026011901 1800 900 604800 86400\n","timestamp":"2026-01-19T18:18:27.653335696Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 15136\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 15136\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026011901 1800 900 604800 86400\n","timestamp":"2026-01-19T18:18:42.385296817Z","matcher-status":true}],"output_dir":"results/nuclei_results","reports":{"detailed":"nuclie_results.txt","json":"nuclie_results.json","csv":"nuclie_results.csv"}},"summary":""},{"_id":{"$oid":"697367be349452db637d6932"},"created_at":{"$date":"2026-01-23T12:21:18.602Z"},"url":"https://mahait.org/","tool":"nuclei","result":{"status":"success","targets":"https://mahait.org/","total_findings":2,"findings":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 64103\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 64103\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026012300 1800 900 604800 86400\n","timestamp":"2026-01-23T12:21:16.579302123Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 29153\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 29153\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86399\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026012300 1800 900 604800 86400\n","timestamp":"2026-01-23T12:21:18.261766391Z","matcher-status":true}],"output_dir":"results/nuclei_results","reports":{"detailed":"nuclie_results.txt","json":"nuclie_results.json","csv":"nuclie_results.csv"}},"summary":""},{"_id":{"$oid":"697a5d257f2bd66892d35345"},"created_at":{"$date":"2026-01-28T19:01:57.142Z"},"url":"https://www.mahaonline.gov.in/","tool":"nuclei","result":{"status":"success","findings":[],"total_findings":0},"summary":null},{"_id":{"$oid":"69a7c690f789efb7f0cbfa62"},"created_at":{"$date":"2026-03-04T05:43:44.620Z"},"url":"https://gujaratindia.gov.in/Index","tool":"nuclei","result":{"status":"success","targets":"https://gujaratindia.gov.in/Index","total_findings":3,"findings":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 52777\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 52777\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86399\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026030301 1800 900 604800 86400\n","timestamp":"2026-03-04T05:43:40.815483354Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 62919\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 62919\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86399\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026030301 1800 900 604800 86400\n","timestamp":"2026-03-04T05:43:43.996234038Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 52777\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 52777\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86399\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026030301 1800 900 604800 86400\n","timestamp":"2026-03-04T05:43:40.815483354Z","matcher-status":true}],"output_dir":"results/nuclei_results","reports":{"detailed":"nuclie_results.txt","json":"nuclie_results.json","csv":"nuclie_results.csv"}},"summary":""},{"_id":{"$oid":"69d4a3f0e3116eb93e2094c5"},"created_at":{"$date":"2026-04-07T06:28:00.421Z"},"url":"https://www.nfsu.ac.in/","tool":"nuclei","result":{"status":"success","targets":"https://www.nfsu.ac.in/","total_findings":3,"findings":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 59205\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 59205\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86399\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026040700 1800 900 604800 86400\n","timestamp":"2026-04-07T06:28:00.049602991Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 52156\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 52156\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86387\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026040700 1800 900 604800 86400\n","timestamp":"2026-04-07T06:27:54.193079343Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 8847\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 8847\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026040700 1800 900 604800 86400\n","timestamp":"2026-04-07T06:27:57.220007277Z","matcher-status":true}],"output_dir":"results/nuclei_results","reports":{"detailed":"nuclie_results.txt","json":"nuclie_results.json","csv":"nuclie_results.csv"}},"summary":""},{"_id":{"$oid":"69d4c4e0a3eeb919ebbf546a"},"created_at":{"$date":"2026-04-07T08:48:32.807Z"},"url":"https://www.nfsu.ac.in/","tool":"nuclei","result":{"status":"success","targets":"https://www.nfsu.ac.in/","total_findings":3,"findings":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 21100\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 21100\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86387\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026040700 1800 900 604800 86400\n","timestamp":"2026-04-07T08:48:32.421950193Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 21100\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 21100\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86387\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026040700 1800 900 604800 86400\n","timestamp":"2026-04-07T08:48:32.421950193Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 28775\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 28775\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026040700 1800 900 604800 86400\n","timestamp":"2026-04-07T08:48:28.558779725Z","matcher-status":true}],"output_dir":"results/nuclei_results","reports":{"detailed":"nuclie_results.txt","json":"nuclie_results.json","csv":"nuclie_results.csv"}},"summary":""},{"_id":{"$oid":"69d4d4d12e07d94cd58696b5"},"created_at":{"$date":"2026-04-07T09:56:33.154Z"},"url":"https://www.nfsu.ac.in/","tool":"nuclei","result":{"status":"success","targets":"https://www.nfsu.ac.in/","total_findings":3,"findings":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 63905\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 63905\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026040700 1800 900 604800 86400\n","timestamp":"2026-04-07T09:56:32.691344759Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 10066\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 10066\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026040700 1800 900 604800 86400\n","timestamp":"2026-04-07T09:56:29.24163255Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 59646\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 59646\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86396\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026040700 1800 900 604800 86400\n","timestamp":"2026-04-07T09:56:31.397771869Z","matcher-status":true}],"output_dir":"results/nuclei_results","reports":{"detailed":"nuclie_results.txt","json":"nuclie_results.json","csv":"nuclie_results.csv"}},"summary":""},{"_id":{"$oid":"69d9e8ca189e668eba5376a6"},"created_at":{"$date":"2026-04-11T06:23:06.294Z"},"url":"https://vjti.ac.in/","tool":"nuclei","result":{"status":"success","targets":"https://vjti.ac.in/","total_findings":2,"findings":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 15860\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 15860\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026041001 1800 900 604800 86400\n","timestamp":"2026-04-11T06:23:05.947494911Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 53963\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 53963\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026041001 1800 900 604800 86400\n","timestamp":"2026-04-11T06:22:57.629271579Z","matcher-status":true}],"output_dir":"results/nuclei_results","reports":{"detailed":"nuclie_results.txt","json":"nuclie_results.json","csv":"nuclie_results.csv"}},"summary":""},{"_id":{"$oid":"69d9e9490e0a737b277b73a8"},"created_at":{"$date":"2026-04-11T06:25:13.396Z"},"url":"https://vjti.ac.in/","tool":"nuclei","result":{"status":"success","targets":"https://vjti.ac.in/","total_findings":3,"findings":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 39845\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 39845\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026041001 1800 900 604800 86400\n","timestamp":"2026-04-11T06:25:06.90790864Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 17950\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 17950\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86399\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026041001 1800 900 604800 86400\n","timestamp":"2026-04-11T06:25:00.938002234Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 30159\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 30159\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86399\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026041001 1800 900 604800 86400\n","timestamp":"2026-04-11T06:25:12.19805178Z","matcher-status":true}],"output_dir":"results/nuclei_results","reports":{"detailed":"nuclie_results.txt","json":"nuclie_results.json","csv":"nuclie_results.csv"}},"summary":""},{"_id":{"$oid":"69e3c166ac89e7d290d755dc"},"created_at":{"$date":"2026-04-18T17:37:42.568Z"},"url":"https://www.altagroup.com.pk/","tool":"nuclei","result":{"status":"success","targets":"https://www.altagroup.com.pk/","total_findings":1,"findings":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 40989\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 40989\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026041800 1800 900 604800 86400\n","timestamp":"2026-04-18T17:37:24.051304575Z","matcher-status":true}],"output_dir":"results/nuclei_results","reports":{"detailed":"nuclie_results.txt","json":"nuclie_results.json","csv":"nuclie_results.csv"}},"summary":""},{"_id":{"$oid":"69e522402568003f8cbcd82b"},"created_at":{"$date":"2026-04-19T18:43:12.810Z"},"url":"https://www.jamals.com/","tool":"nuclei","result":{"status":"success","targets":"https://www.jamals.com/","total_findings":3,"findings":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 29661\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 29661\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86398\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026041901 1800 900 604800 86400\n","timestamp":"2026-04-19T18:43:11.682381221Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 29661\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 29661\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86398\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026041901 1800 900 604800 86400\n","timestamp":"2026-04-19T18:43:11.682381221Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 29661\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 29661\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86398\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026041901 1800 900 604800 86400\n","timestamp":"2026-04-19T18:43:11.682381221Z","matcher-status":true}],"output_dir":"results/nuclei_results","reports":{"detailed":"nuclie_results.txt","json":"nuclie_results.json","csv":"nuclie_results.csv"}},"summary":""},{"_id":{"$oid":"69e78c083209540d05bf2f66"},"created_at":{"$date":"2026-04-21T14:39:04.883Z"},"url":"https://example.com/","tool":"nuclei","result":{"status":"success","targets":"https://example.com/","total_findings":2,"findings":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 6791\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 6791\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026042100 1800 900 604800 86400\n","timestamp":"2026-04-21T14:39:00.450217565Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 9846\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 9846\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026042100 1800 900 604800 86400\n","timestamp":"2026-04-21T14:39:04.261575517Z","matcher-status":true}],"output_dir":"results/nuclei_results","reports":{"detailed":"nuclie_results.txt","json":"nuclie_results.json","csv":"nuclie_results.csv"}},"summary":""},{"_id":{"$oid":"69e797e751e47c5304f65b0f"},"created_at":{"$date":"2026-04-21T15:29:43.468Z"},"url":"https://mahatenders.gov.in/","tool":"nuclei","result":{"status":"success","targets":"https://mahatenders.gov.in/","total_findings":3,"findings":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 3976\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 3976\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026042100 1800 900 604800 86400\n","timestamp":"2026-04-21T15:29:36.422140123Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 31538\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 31538\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026042100 1800 900 604800 86400\n","timestamp":"2026-04-21T15:29:43.031287027Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 17569\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 17569\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86397\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026042100 1800 900 604800 86400\n","timestamp":"2026-04-21T15:29:40.288477518Z","matcher-status":true}],"output_dir":"results/nuclei_results","reports":{"detailed":"nuclie_results.txt","json":"nuclie_results.json","csv":"nuclie_results.csv"}},"summary":""},{"_id":{"$oid":"69e863c23875f51cb9e859fd"},"created_at":{"$date":"2026-04-22T05:59:30.994Z"},"url":"https://bun.com/","tool":"nuclei","result":{"status":"success","findings":[],"total_findings":0},"summary":null},{"_id":{"$oid":"69e8ae0c17d94d6bef2e5e90"},"created_at":{"$date":"2026-04-22T11:16:28.297Z"},"url":"https://www.daraz.pk/","tool":"nuclei","result":{"status":"success","targets":"https://www.daraz.pk/","total_findings":3,"findings":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 7724\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 7724\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026042200 1800 900 604800 86400\n","timestamp":"2026-04-22T11:16:23.182875878Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 30471\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 30471\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86399\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026042200 1800 900 604800 86400\n","timestamp":"2026-04-22T11:16:18.12358154Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 5209\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 5209\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026042200 1800 900 604800 86400\n","timestamp":"2026-04-22T11:16:27.792328551Z","matcher-status":true}],"output_dir":"results/nuclei_results","reports":{"detailed":"nuclie_results.txt","json":"nuclie_results.json","csv":"nuclie_results.csv"}},"summary":""},{"_id":{"$oid":"69ea466987652fc731c80956"},"created_at":{"$date":"2026-04-23T16:18:49.503Z"},"url":"https://bun.com/","tool":"nuclei","result":{"status":"success","targets":"https://bun.com/","total_findings":3,"findings":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 56104\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 56104\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026042300 1800 900 604800 86400\n","timestamp":"2026-04-23T16:18:41.456236005Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 34811\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 34811\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86396\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026042300 1800 900 604800 86400\n","timestamp":"2026-04-23T16:18:47.890162151Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 55446\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 55446\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86398\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026042300 1800 900 604800 86400\n","timestamp":"2026-04-23T16:18:43.958085832Z","matcher-status":true}],"output_dir":"results/nuclei_results","reports":{"detailed":"nuclie_results.txt","json":"nuclie_results.json","csv":"nuclie_results.csv"}},"summary":""},{"_id":{"$oid":"69ebb3ff86f5022811d2f0db"},"created_at":{"$date":"2026-04-24T18:18:39.849Z"},"url":"https://gujarat.nfsu.ac.in/","tool":"nuclei","result":{"status":"success","targets":"https://gujarat.nfsu.ac.in/","total_findings":3,"findings":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 47133\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 47133\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026042401 1800 900 604800 86400\n","timestamp":"2026-04-24T18:18:37.268804324Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 47133\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 47133\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026042401 1800 900 604800 86400\n","timestamp":"2026-04-24T18:18:37.268804324Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 31594\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 31594\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026042401 1800 900 604800 86400\n","timestamp":"2026-04-24T18:18:35.097643054Z","matcher-status":true}],"output_dir":"results/nuclei_results","reports":{"detailed":"nuclie_results.txt","json":"nuclie_results.json","csv":"nuclie_results.csv"}},"summary":""},{"_id":{"$oid":"69edbbbab6dbb10a579ba9f6"},"created_at":{"$date":"2026-04-26T07:16:10.978Z"},"url":"https://mypngd.in/","tool":"nuclei","result":{"status":"success","targets":"https://mypngd.in/","total_findings":3,"findings":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 44856\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 44856\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86398\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026042600 1800 900 604800 86400\n","timestamp":"2026-04-26T07:16:09.177010918Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 44856\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 44856\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86398\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026042600 1800 900 604800 86400\n","timestamp":"2026-04-26T07:16:09.177010918Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 44856\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 44856\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86398\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026042600 1800 900 604800 86400\n","timestamp":"2026-04-26T07:16:09.177010918Z","matcher-status":true}],"output_dir":"results/nuclei_results","reports":{"detailed":"nuclie_results.txt","json":"nuclie_results.json","csv":"nuclie_results.csv"}},"summary":""},{"_id":{"$oid":"69f02f77f4fd0b9e92378620"},"created_at":{"$date":"2026-04-28T03:54:31.973Z"},"url":"https://robu.in/","tool":"nuclei","result":{"status":"success","targets":"https://robu.in/","total_findings":3,"findings":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 27103\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 27103\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86399\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026042702 1800 900 604800 86400\n","timestamp":"2026-04-28T03:54:31.311287606Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 48729\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 48729\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026042702 1800 900 604800 86400\n","timestamp":"2026-04-28T03:54:24.411712306Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 26414\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 26414\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86399\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026042702 1800 900 604800 86400\n","timestamp":"2026-04-28T03:54:25.146479152Z","matcher-status":true}],"output_dir":"results/nuclei_results","reports":{"detailed":"nuclie_results.txt","json":"nuclie_results.json","csv":"nuclie_results.csv"}},"summary":""},{"_id":{"$oid":"69f031ef8556ae5f875dac1c"},"created_at":{"$date":"2026-04-28T04:05:03.799Z"},"url":"https://www.nobroker.in/","tool":"nuclei","result":{"status":"success","targets":"https://www.nobroker.in/","total_findings":3,"findings":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 43368\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 43368\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026042702 1800 900 604800 86400\n","timestamp":"2026-04-28T04:03:54.031995813Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 43368\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 43368\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026042702 1800 900 604800 86400\n","timestamp":"2026-04-28T04:03:54.031995813Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 43368\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 43368\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026042702 1800 900 604800 86400\n","timestamp":"2026-04-28T04:03:54.031995813Z","matcher-status":true}],"output_dir":"results/nuclei_results","reports":{"detailed":"nuclie_results.txt","json":"nuclie_results.json","csv":"nuclie_results.csv"}},"summary":""},{"_id":{"$oid":"69f06c9de9163f6cbb5a6a59"},"created_at":{"$date":"2026-04-28T08:15:25.972Z"},"url":"https://www.nobroker.in/","tool":"nuclei","result":{"status":"success","targets":"https://www.nobroker.in/","total_findings":1,"findings":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 34163\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 34163\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026042800 1800 900 604800 86400\n","timestamp":"2026-04-28T08:15:16.705628572Z","matcher-status":true}],"output_dir":"results/nuclei_results","reports":{"detailed":"nuclie_results.txt","json":"nuclie_results.json","csv":"nuclie_results.csv"}},"summary":""},{"_id":{"$oid":"69f107caf5df8855f9fe0f34"},"created_at":{"$date":"2026-04-28T19:17:30.064Z"},"url":"https://cmogujarat.gov.in/en","tool":"nuclei","result":{"status":"success","targets":"https://cmogujarat.gov.in/en","total_findings":3,"findings":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 16204\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 16204\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026042801 1800 900 604800 86400\n","timestamp":"2026-04-28T19:17:27.599786245Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 28345\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 28345\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86397\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026042801 1800 900 604800 86400\n","timestamp":"2026-04-28T19:17:29.695560575Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 16204\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 16204\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026042801 1800 900 604800 86400\n","timestamp":"2026-04-28T19:17:27.599786245Z","matcher-status":true}],"output_dir":"results/nuclei_results","reports":{"detailed":"nuclie_results.txt","json":"nuclie_results.json","csv":"nuclie_results.csv"}},"summary":""},{"_id":{"$oid":"69f306d0f03c4d33e1750805"},"created_at":{"$date":"2026-04-30T07:37:52.872Z"},"url":"https://anveshaktool.in/","tool":"nuclei","result":{"status":"success","targets":"https://anveshaktool.in/","total_findings":3,"findings":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 35410\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 35410\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026043000 1800 900 604800 86400\n","timestamp":"2026-04-30T07:37:34.169958221Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 44941\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 44941\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026043000 1800 900 604800 86400\n","timestamp":"2026-04-30T07:37:37.47500885Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 13897\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 13897\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86192\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026043000 1800 900 604800 86400\n","timestamp":"2026-04-30T07:37:52.273103528Z","matcher-status":true}],"output_dir":"results/nuclei_results","reports":{"detailed":"nuclie_results.txt","json":"nuclie_results.json","csv":"nuclie_results.csv"}},"summary":""},{"_id":{"$oid":"69f327d5a0fcfe30a44cc6b7"},"created_at":{"$date":"2026-04-30T09:58:45.418Z"},"url":"https://pro.anveshaktool.in/","tool":"nuclei","result":{"status":"success","targets":"https://pro.anveshaktool.in/","total_findings":3,"findings":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 26915\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 26915\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026043000 1800 900 604800 86400\n","timestamp":"2026-04-30T09:58:40.985878774Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 27298\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 27298\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86399\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026043000 1800 900 604800 86400\n","timestamp":"2026-04-30T09:58:43.541623473Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 10987\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 10987\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026043000 1800 900 604800 86400\n","timestamp":"2026-04-30T09:58:44.99035659Z","matcher-status":true}],"output_dir":"results/nuclei_results","reports":{"detailed":"nuclie_results.txt","json":"nuclie_results.json","csv":"nuclie_results.csv"}},"summary":""},{"_id":{"$oid":"69fad2d57d7dd50d782e08c8"},"created_at":{"$date":"2026-05-06T05:34:13.429Z"},"url":"https://mpsedc.mp.gov.in/","tool":"nuclei","result":{"status":"success","targets":"https://mpsedc.mp.gov.in/","total_findings":3,"findings":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 20338\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 20338\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026050502 1800 900 604800 86400\n","timestamp":"2026-05-06T05:34:13.274400108Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 9257\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 9257\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026050502 1800 900 604800 86400\n","timestamp":"2026-05-06T05:33:51.775512117Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 11253\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 11253\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86398\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026050502 1800 900 604800 86400\n","timestamp":"2026-05-06T05:33:53.86510952Z","matcher-status":true}],"output_dir":"results/nuclei_results","reports":{"detailed":"nuclie_results.txt","json":"nuclie_results.json","csv":"nuclie_results.csv"}},"summary":""},{"_id":{"$oid":"69fad703d410fe0dcb40e762"},"created_at":{"$date":"2026-05-06T05:52:03.364Z"},"url":"https://mpsedc.mp.gov.in/","tool":"nuclei","result":{"status":"success","targets":"https://mpsedc.mp.gov.in/","total_findings":3,"findings":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 12379\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 12379\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026050502 1800 900 604800 86400\n","timestamp":"2026-05-06T05:52:00.528379874Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 33989\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 33989\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026050502 1800 900 604800 86400\n","timestamp":"2026-05-06T05:52:03.158171059Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 36049\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 36049\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026050502 1800 900 604800 86400\n","timestamp":"2026-05-06T05:52:01.142479291Z","matcher-status":true}],"output_dir":"results/nuclei_results","reports":{"detailed":"nuclie_results.txt","json":"nuclie_results.json","csv":"nuclie_results.csv"}},"summary":""},{"_id":{"$oid":"69fae3c8c31239398cf53e89"},"created_at":{"$date":"2026-05-06T06:46:32.697Z"},"url":"https://bilucky.com/","tool":"nuclei","result":{"status":"success","targets":"https://bilucky.com/","total_findings":3,"findings":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 29421\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 29421\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026050600 1800 900 604800 86400\n","timestamp":"2026-05-06T06:46:32.551113005Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 1739\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 1739\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86399\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026050600 1800 900 604800 86400\n","timestamp":"2026-05-06T06:46:30.578987024Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 21088\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 21088\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026050600 1800 900 604800 86400\n","timestamp":"2026-05-06T06:46:32.160951317Z","matcher-status":true}],"output_dir":"results/nuclei_results","reports":{"detailed":"nuclie_results.txt","json":"nuclie_results.json","csv":"nuclie_results.csv"}},"summary":""},{"_id":{"$oid":"69faf8a6a6d1573263b66c36"},"created_at":{"$date":"2026-05-06T08:15:34.434Z"},"url":"https://bilucky.com","tool":"nuclei","result":{"status":"success","targets":"https://bilucky.com","total_findings":2,"findings":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 42214\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 42214\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026050600 1800 900 604800 86400\n","timestamp":"2026-05-06T08:15:32.995922714Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 42214\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 42214\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026050600 1800 900 604800 86400\n","timestamp":"2026-05-06T08:15:32.995922714Z","matcher-status":true}],"output_dir":"results/nuclei_results","reports":{"detailed":"nuclie_results.txt","json":"nuclie_results.json","csv":"nuclie_results.csv"}},"summary":""},{"_id":{"$oid":"69fcd25b01cdd68b86d21f3b"},"created_at":{"$date":"2026-05-07T17:56:43.027Z"},"url":"https://www.veltris.com/","tool":"nuclei","result":{"status":"success","targets":"https://www.veltris.com/","total_findings":3,"findings":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 8778\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 8778\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86333\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026050701 1800 900 604800 86400\n","timestamp":"2026-05-07T17:56:27.701782237Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 2614\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 2614\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026050700 1800 900 604800 86400\n","timestamp":"2026-05-07T17:56:23.21813907Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 19196\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 19196\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026050700 1800 900 604800 86400\n","timestamp":"2026-05-07T17:56:39.902187914Z","matcher-status":true}],"output_dir":"results/nuclei_results","reports":{"detailed":"nuclie_results.txt","json":"nuclie_results.json","csv":"nuclie_results.csv"}},"summary":""},{"_id":{"$oid":"6a06e5e7023dfb2918a6f50a"},"created_at":{"$date":"2026-05-15T09:22:47.623Z"},"url":"https://freesearchigrservice.maharashtra.gov.in/","tool":"nuclei","result":{"status":"success","targets":"https://freesearchigrservice.maharashtra.gov.in/","total_findings":3,"findings":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 44897\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 44897\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86399\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026051500 1800 900 604800 86400\n","timestamp":"2026-05-15T09:22:40.055776518Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 44897\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 44897\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86399\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026051500 1800 900 604800 86400\n","timestamp":"2026-05-15T09:22:40.055776518Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 4247\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 4247\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86396\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026051500 1800 900 604800 86400\n","timestamp":"2026-05-15T09:22:44.124025764Z","matcher-status":true}],"output_dir":"results/nuclei_results","reports":{"detailed":"nuclie_results.txt","json":"nuclie_results.json","csv":"nuclie_results.csv"}},"summary":""},{"_id":{"$oid":"6a0d5660ee78988aeae86eab"},"created_at":{"$date":"2026-05-20T06:36:16.312Z"},"url":"https://pro.anveshaktool.in/","tool":"nuclei","result":{"status":"success","targets":"https://pro.anveshaktool.in/","total_findings":3,"findings":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 50950\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 50950\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86399\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026051901 1800 900 604800 86400\n","timestamp":"2026-05-20T06:36:15.208583024Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 50950\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 50950\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86399\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026051901 1800 900 604800 86400\n","timestamp":"2026-05-20T06:36:15.208583024Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 50950\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 50950\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86399\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026051901 1800 900 604800 86400\n","timestamp":"2026-05-20T06:36:15.208583024Z","matcher-status":true}],"output_dir":"results/nuclei_results","reports":{"detailed":"nuclie_results.txt","json":"nuclie_results.json","csv":"nuclie_results.csv"}},"summary":""},{"_id":{"$oid":"6a0ddc7bb9666fb02ccc58c3"},"created_at":{"$date":"2026-05-20T16:08:27.612Z"},"url":"https://www.veltris.com/","tool":"nuclei","result":{"status":"success","targets":"https://www.veltris.com/","total_findings":3,"findings":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 42725\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 42725\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86392\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026052000 1800 900 604800 86400\n","timestamp":"2026-05-20T16:08:26.35765813Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 16070\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 16070\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86399\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026052000 1800 900 604800 86400\n","timestamp":"2026-05-20T16:08:08.501214935Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 16070\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 16070\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86399\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026052000 1800 900 604800 86400\n","timestamp":"2026-05-20T16:08:08.501214935Z","matcher-status":true}],"output_dir":"results/nuclei_results","reports":{"detailed":"nuclie_results.txt","json":"nuclie_results.json","csv":"nuclie_results.csv"}},"summary":""},{"_id":{"$oid":"6a0e2812258768418fc1e352"},"created_at":{"$date":"2026-05-20T21:30:58.298Z"},"url":"https://springs.com.pk","tool":"nuclei","result":{"status":"success","targets":"https://springs.com.pk","total_findings":2,"findings":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 15048\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 15048\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026052002 1800 900 604800 86400\n","timestamp":"2026-05-20T21:30:40.449730212Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 55226\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 55226\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86394\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026052002 1800 900 604800 86400\n","timestamp":"2026-05-20T21:30:58.140712737Z","matcher-status":true}],"output_dir":"results/nuclei_results","reports":{"detailed":"nuclie_results.txt","json":"nuclie_results.json","csv":"nuclie_results.csv"}},"summary":""},{"_id":{"$oid":"6a0f2114a026cbd724d66331"},"created_at":{"$date":"2026-05-21T15:13:24.031Z"},"url":"https://eveen.pk/","tool":"nuclei","result":{"status":"success","targets":"https://eveen.pk/","total_findings":1,"findings":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 15588\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 15588\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026052101 1800 900 604800 86400\n","timestamp":"2026-05-21T15:13:23.930620587Z","matcher-status":true}],"output_dir":"results/nuclei_results","reports":{"detailed":"nuclie_results.txt","json":"nuclie_results.json","csv":"nuclie_results.csv"}},"summary":""},{"_id":{"$oid":"6a0f5fa2a854ff15512b00b1"},"created_at":{"$date":"2026-05-21T19:40:18.815Z"},"url":"https://ep.gov.pk/","tool":"nuclei","result":{"status":"success","targets":"https://ep.gov.pk/","total_findings":3,"findings":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 58131\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 58131\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026052102 1800 900 604800 86400\n","timestamp":"2026-05-21T19:40:18.371775432Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 58131\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 58131\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026052102 1800 900 604800 86400\n","timestamp":"2026-05-21T19:40:18.371775432Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 58423\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 58423\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026052102 1800 900 604800 86400\n","timestamp":"2026-05-21T19:39:59.216971378Z","matcher-status":true}],"output_dir":"results/nuclei_results","reports":{"detailed":"nuclie_results.txt","json":"nuclie_results.json","csv":"nuclie_results.csv"}},"summary":""},{"_id":{"$oid":"6a0fe58cd7c5f2ba58ef4288"},"created_at":{"$date":"2026-05-22T05:11:40.202Z"},"url":"https://ep.gov.pk/","tool":"nuclei","result":{"status":"success","targets":"https://ep.gov.pk/","total_findings":3,"findings":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 48287\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 48287\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026052102 1800 900 604800 86400\n","timestamp":"2026-05-22T05:11:39.024939494Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 64016\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 64016\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026052102 1800 900 604800 86400\n","timestamp":"2026-05-22T05:11:36.578883473Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 48287\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 48287\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026052102 1800 900 604800 86400\n","timestamp":"2026-05-22T05:11:39.024939494Z","matcher-status":true}],"output_dir":"results/nuclei_results","reports":{"detailed":"nuclie_results.txt","json":"nuclie_results.json","csv":"nuclie_results.csv"}},"summary":""},{"_id":{"$oid":"6a11b5e9fa735eb57ade47f4"},"created_at":{"$date":"2026-05-23T14:12:57.024Z"},"url":"https://uppolice.gov.in/","tool":"nuclei","result":{"status":"success","targets":"https://uppolice.gov.in/","total_findings":3,"findings":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 39778\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 39778\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86399\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026052300 1800 900 604800 86400\n","timestamp":"2026-05-23T14:12:55.322967764Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 39778\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 39778\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86399\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026052300 1800 900 604800 86400\n","timestamp":"2026-05-23T14:12:55.322967764Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 6358\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 6358\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026052300 1800 900 604800 86400\n","timestamp":"2026-05-23T14:12:56.911560764Z","matcher-status":true}],"output_dir":"results/nuclei_results","reports":{"detailed":"nuclie_results.txt","json":"nuclie_results.json","csv":"nuclie_results.csv"}},"summary":""},{"_id":{"$oid":"6a1359ed29d4a2d4d8d73e03"},"created_at":{"$date":"2026-05-24T20:05:01.271Z"},"url":"https://cp-club-vjti.vercel.app/","tool":"nuclei","result":{"status":"success","targets":"https://cp-club-vjti.vercel.app/","total_findings":1,"findings":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 7723\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 7723\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026052401 1800 900 604800 86400\n","timestamp":"2026-05-24T20:05:00.086183252Z","matcher-status":true}],"output_dir":"results/nuclei_results","reports":{"detailed":"nuclie_results.txt","json":"nuclie_results.json","csv":"nuclie_results.csv"}},"summary":""},{"_id":{"$oid":"6a157d87b957e9e9d34488b9"},"created_at":{"$date":"2026-05-26T11:01:27.719Z"},"url":"https://www.dahd.gov.in/","tool":"nuclei","result":{"status":"success","targets":"https://www.dahd.gov.in/","total_findings":3,"findings":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 4973\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 4973\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026052600 1800 900 604800 86400\n","timestamp":"2026-05-26T11:01:06.654648733Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 46017\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 46017\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026052600 1800 900 604800 86400\n","timestamp":"2026-05-26T11:01:27.616392573Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 4973\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 4973\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026052600 1800 900 604800 86400\n","timestamp":"2026-05-26T11:01:06.654648733Z","matcher-status":true}],"output_dir":"results/nuclei_results","reports":{"detailed":"nuclie_results.txt","json":"nuclie_results.json","csv":"nuclie_results.csv"}},"summary":""},{"_id":{"$oid":"6a15a34588175e30fde3ea9f"},"created_at":{"$date":"2026-05-26T13:42:29.552Z"},"url":"https://awards.gov.in/","tool":"nuclei","result":{"status":"success","targets":"https://awards.gov.in/","total_findings":1,"findings":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 30138\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 30138\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 512\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026052600 1800 900 604800 86400\n","timestamp":"2026-05-26T13:42:28.453567636Z","matcher-status":true}],"output_dir":"results/nuclei_results","reports":{"detailed":"nuclie_results.txt","json":"nuclie_results.json","csv":"nuclie_results.csv"}},"summary":""},{"_id":{"$oid":"6a1f21699a08a460c55a860d"},"created_at":{"$date":"2026-06-02T18:31:05.365Z"},"url":"https://onmark.co.in/nmu/","tool":"nuclei","result":{"status":"success","findings":[],"total_findings":0},"summary":null},{"_id":{"$oid":"6a1f251296aa034bcfbed183"},"created_at":{"$date":"2026-06-02T18:46:42.909Z"},"url":"https://www.cert-in.org.in/","tool":"nuclei","result":{"status":"success","targets":"https://www.cert-in.org.in/","total_findings":3,"findings":[{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 59902\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 59902\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026060201 1800 900 604800 86400\n","timestamp":"2026-06-02T18:46:42.180867736Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 31569\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 31569\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026060201 1800 900 604800 86400\n","timestamp":"2026-06-02T18:46:42.471084493Z","matcher-status":true},{"template":"dns/caa-fingerprint.yaml","template-url":"https://cloud.projectdiscovery.io/public/caa-fingerprint","template-id":"caa-fingerprint","template-path":"/root/nuclei-templates/dns/caa-fingerprint.yaml","info":{"name":"CAA Record","author":["pdteam"],"tags":["dns","caa","discovery"],"description":"A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.","reference":["https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record"],"severity":"info","metadata":{"max-request":1},"classification":{"cve-id":null,"cwe-id":["cwe-200"]}},"type":"dns","host":"/","matched-at":"/","request":";; opcode: QUERY, status: NOERROR, id: 31569\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 4096\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n","response":";; opcode: QUERY, status: NXDOMAIN, id: 31569\n;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1\n\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232\n\n;; QUESTION SECTION:\n;/.\tIN\t CAA\n\n;; AUTHORITY SECTION:\n.\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. 2026060201 1800 900 604800 86400\n","timestamp":"2026-06-02T18:46:42.471084493Z","matcher-status":true}],"output_dir":"results/nuclei_results","reports":{"detailed":"nuclie_results.txt","json":"nuclie_results.json","csv":"nuclie_results.csv"}},"summary":""}]