urlscan.io logo urlscan.io
SecurityTrails logo

www.ebt.ca.gov Open in urlscan Pro
23.49.248.42  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.ebt.ca.gov/
Effective URL: https://www.ebt.ca.gov/cardholder/
Submission: On December 22 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 1 countries across 4 domains to perform 16 HTTP transactions. The main IP is 23.49.248.42, located in Edison, United States and belongs to AKAMAI-ASN1, NL. The main domain is www.ebt.ca.gov.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on August 11th 2020. Valid for: 2 years.
This is the only time www.ebt.ca.gov was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 12 23.49.248.42 20940 (AKAMAI-ASN1)
2 2600:1400:d:5... 20940 (AKAMAI-ASN1)
1 2600:141b:13:... 20940 (AKAMAI-ASN1)
1 2 23.55.166.115 20940 (AKAMAI-ASN1)
1 2 2600:141b:13:... 20940 (AKAMAI-ASN1)
16 6
12    23.49.248.42 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-49-248-42.deploy.static.akamaitechnologies.com
www.ebt.ca.gov
2    2600:1400:d:5a5::11a6 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
s.go-mpulse.net
173bf10f.akstat.io
1    2600:141b:13:68e::11a6 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
c.go-mpulse.net
2    23.55.166.115 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-55-166-115.deploy.static.akamaitechnologies.com
trial-eum-clientnsv4-s.akamaihd.net
ev4m3lixg6thgyodeeuq-pvr1uz-600c03887-clientnsv4-s.akamaihd.net
2    2600:141b:13::17d7:82ca (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
trial-eum-clienttons-s.akamaihd.net
figvmaaabffqgjqacqnqaeyaabq4gijj-pvr1uz-eacefb6a8-clienttons-s.akamaihd.net

This site contains links to these domains. Also see Links.

Domain
www.ca.gov
ca.p-ebt.org
www.cdss.ca.gov
www.ebtproject.ca.gov
www.fisglobal.com
www.w3.org
Subject Issuer Validity Valid
www.ebt.ca.gov
Sectigo RSA Organization Validation Secure Server CA		 2020-08-11 -
2022-08-11		 2 years crt.sh
akstat.io
DigiCert SHA2 Secure Server CA		 2021-06-08 -
2022-06-13		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.ebt.ca.gov/cardholder/
Frame ID: 664F7B969074A9C7CE9AE446F588CCEB
Requests: 14 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/47BZE-3TL5R-TDNMS-R4AQH-W3WXQ
Frame ID: 5E313D5624F84E290AC2D92A4D4C5821
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

CardHolder Portal

Page URL History Show full URLs

  1. http://www.ebt.ca.gov/ HTTP 301
    https://www.ebt.ca.gov/ Page URL
  2. https://www.ebt.ca.gov/cardholder/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • backbone.*\.js
Overall confidence: 100%
Detected patterns

Page Statistics

16
Requests

88 %
HTTPS

60 %
IPv6

4
Domains

8
Subdomains

6
IPs

1
Countries

707 kB
Transfer

3970 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.ebt.ca.gov/ HTTP 301
    https://www.ebt.ca.gov/ Page URL
  2. https://www.ebt.ca.gov/cardholder/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.ebt.ca.gov/ HTTP 301
  • https://www.ebt.ca.gov/
Request Chain 14
  • https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pvr1uzv59 HTTP 302
  • https://ev4m3lixg6thgyodeeuq-pvr1uz-600c03887-clientnsv4-s.akamaihd.net/eum/results.txt
Request Chain 15
  • https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pvr1uzv59 HTTP 302
  • https://figvmaaabffqgjqacqnqaeyaabq4gijj-pvr1uz-eacefb6a8-clienttons-s.akamaihd.net/eum/results.txt

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
www.ebt.ca.gov/
Redirect Chain
  • http://www.ebt.ca.gov/
  • https://www.ebt.ca.gov/
94 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ebt.ca.gov/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.248.42 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-248-42.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e7913cbaff6baacb74addbbff918f23123fb805af4d4b3dbef7fa990c90d5ff0
Security Headers
Name Value
Content-Security-Policy default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; font-src * data: 'unsafe-inline';
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

server
Apache
x-frame-options
SAMEORIGIN
content-security-policy
default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; font-src * data: 'unsafe-inline';
x-content-type-options
nosniff
x-xss-protection
1; mode=block
last-modified
Tue, 13 Aug 2019 14:21:53 GMT
accept-ranges
bytes
cache-control
max-age=86400
expires
Thu, 23 Dec 2021 12:59:20 GMT
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
x-akamai-transformed
9 106 0 pmb=mRUM,1
date
Wed, 22 Dec 2021 12:59:20 GMT
content-length
106
server-timing
cdn-cache; desc=MISS edge; dur=7 origin; dur=29
strict-transport-security
max-age=31536000 ; includeSubDomains

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://www.ebt.ca.gov/
Date
Wed, 22 Dec 2021 12:59:20 GMT
Connection
keep-alive
Server-Timing
cdn-cache; desc=HIT edge; dur=8000
Primary Request /
www.ebt.ca.gov/cardholder/ 		5 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ebt.ca.gov/cardholder/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.248.42 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-248-42.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3063eb9b4bae58e749ebc7226681e8722c221df57613e310f0c48b2b5c21190a
Security Headers
Name Value
Content-Security-Policy default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; font-src * data: 'unsafe-inline';
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.ebt.ca.gov/

Response headers

server
Apache
x-frame-options
SAMEORIGIN
content-security-policy
default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; font-src * data: 'unsafe-inline';
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-application-context
ca-browser-gateway:prod:7070
last-modified
Mon, 02 Aug 2021 08:08:46 GMT
accept-ranges
bytes
content-type
text/html;charset=UTF-8
content-language
en-CA
cache-control
max-age=86400
expires
Thu, 23 Dec 2021 12:59:20 GMT
vary
Accept-Encoding
content-encoding
gzip
x-akamai-transformed
9 650 0 pmb=mTOE,2mRUM,1
date
Wed, 22 Dec 2021 12:59:20 GMT
content-length
2574
server-timing
cdn-cache; desc=MISS edge; dur=7 origin; dur=33
strict-transport-security
max-age=31536000 ; includeSubDomains
main.css
www.ebt.ca.gov/cardholder/build/ 		434 KB
57 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ebt.ca.gov/cardholder/build/main.css
Requested by
Host: www.ebt.ca.gov
URL: https://www.ebt.ca.gov/cardholder/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.248.42 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-248-42.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1cde9c43cc5144f9b295cb30cef99508d81fc1e0e53a293d03268516a0c68d9a
Security Headers
Name Value
Content-Security-Policy default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; font-src * data: 'unsafe-inline';
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.ebt.ca.gov/cardholder/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; font-src * data: 'unsafe-inline';
content-encoding
gzip
x-content-type-options
nosniff
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
57999
x-xss-protection
1; mode=block
x-application-context
ca-browser-gateway:prod:7070
last-modified
Mon, 02 Aug 2021 08:08:46 GMT
server
Apache
x-frame-options
SAMEORIGIN
date
Wed, 22 Dec 2021 12:59:20 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000 ; includeSubDomains
content-type
text/css
cache-control
max-age=2767
accept-ranges
bytes
expires
Wed, 22 Dec 2021 13:45:27 GMT
74053cd
www.ebt.ca.gov/akam/11/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ebt.ca.gov/akam/11/74053cd
Requested by
Host: www.ebt.ca.gov
URL: https://www.ebt.ca.gov/cardholder/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.248.42 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-248-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9e077b47b630ebe793a77c1b7528a1579fa2f5a6f604ae862b06313324d728e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.ebt.ca.gov/cardholder/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Dec 2021 12:59:21 GMT
content-encoding
gzip
last-modified
Thu, 02 May 2019 20:06:02 GMT
etag
"c0cad1f4e49b1b840bf0711ebf922ee99e4dd0f95e9efa5f04fe6002d727870a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
server-timing
cdn-cache; desc=HIT, edge; dur=569
strict-transport-security
max-age=31536000 ; includeSubDomains
content-length
10457
expires
Wed, 22 Dec 2021 12:59:21 GMT
polyfills.js
www.ebt.ca.gov/cardholder/build/ 		78 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ebt.ca.gov/cardholder/build/polyfills.js
Requested by
Host: www.ebt.ca.gov
URL: https://www.ebt.ca.gov/cardholder/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.248.42 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-248-42.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
104427d72c702f08c2f43e69a2a18affec8c8b7dfe56e0ea83482266e99c1370
Security Headers
Name Value
Content-Security-Policy default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; font-src * data: 'unsafe-inline';
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.ebt.ca.gov/cardholder/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; font-src * data: 'unsafe-inline';
content-encoding
gzip
x-content-type-options
nosniff
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
30231
x-xss-protection
1; mode=block
x-application-context
ca-browser-gateway:prod:7070
last-modified
Mon, 02 Aug 2021 08:08:46 GMT
server
Apache
x-frame-options
SAMEORIGIN
date
Wed, 22 Dec 2021 12:59:20 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000 ; includeSubDomains
content-type
application/javascript
cache-control
max-age=75421
accept-ranges
bytes
expires
Thu, 23 Dec 2021 09:56:21 GMT
main.js
www.ebt.ca.gov/cardholder/build/ 		3 MB
497 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ebt.ca.gov/cardholder/build/main.js
Requested by
Host: www.ebt.ca.gov
URL: https://www.ebt.ca.gov/cardholder/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.248.42 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-248-42.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
fd508074fc18e484aca5724007c40878498997e48cb73a72f1d7efbdd23a9348
Security Headers
Name Value
Content-Security-Policy default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; font-src * data: 'unsafe-inline';
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.ebt.ca.gov/cardholder/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; font-src * data: 'unsafe-inline';
content-encoding
gzip
x-content-type-options
nosniff
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
507327
x-xss-protection
1; mode=block
x-application-context
ca-browser-gateway:prod:7070
last-modified
Mon, 02 Aug 2021 08:08:46 GMT
server
Apache
x-frame-options
SAMEORIGIN
date
Wed, 22 Dec 2021 12:59:20 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000 ; includeSubDomains
content-type
application/javascript
cache-control
max-age=39961
accept-ranges
bytes
expires
Thu, 23 Dec 2021 00:05:21 GMT
47BZE-3TL5R-TDNMS-R4AQH-W3WXQ
s.go-mpulse.net/boomerang/ Frame 5E31 		202 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/47BZE-3TL5R-TDNMS-R4AQH-W3WXQ
Requested by
Host: www.ebt.ca.gov
URL: https://www.ebt.ca.gov/cardholder/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1400:d:5a5::11a6 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.ebt.ca.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 12:59:20 GMT
content-encoding
br
last-modified
Wed, 08 Dec 2021 20:39:20 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
51580
upFrontMsg
www.ebt.ca.gov/cardholder/rest/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ebt.ca.gov/cardholder/rest/upFrontMsg
Requested by
Host: www.ebt.ca.gov
URL: https://www.ebt.ca.gov/cardholder/build/polyfills.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.248.42 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-248-42.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
631563c0df39ea230ee8241b45e46bd5a679d691f67c7088d635875f656317aa
Security Headers
Name Value
Content-Security-Policy default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; font-src * data: 'unsafe-inline';
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.ebt.ca.gov/cardholder/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; font-src * data: 'unsafe-inline';
content-encoding
gzip
x-content-type-options
nosniff, nosniff
server-timing
cdn-cache; desc=MISS, edge; dur=9, origin; dur=30
content-length
578
x-xss-protection
1; mode=block, 1; mode=block
x-application-context
ca-browser-gateway:prod:7070
pragma
no-cache
server
Apache
x-frame-options
SAMEORIGIN, DENY
date
Wed, 22 Dec 2021 12:59:20 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000 ; includeSubDomains
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
expires
0
header-ca.gov.png
www.ebt.ca.gov/cardholder/assets/img/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ebt.ca.gov/cardholder/assets/img/header-ca.gov.png
Requested by
Host: www.ebt.ca.gov
URL: https://www.ebt.ca.gov/cardholder/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.248.42 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-248-42.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f2af66415bb61e8f4f27140240d8f350728296bd4047b4aa712551beceb6253c
Security Headers
Name Value
Content-Security-Policy default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; font-src * data: 'unsafe-inline';
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.ebt.ca.gov/cardholder/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; font-src * data: 'unsafe-inline';
x-content-type-options
nosniff
last-modified
Mon, 02 Aug 2021 08:08:46 GMT
server
Apache
x-frame-options
SAMEORIGIN
date
Wed, 22 Dec 2021 12:59:21 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
content-type
image/png
cache-control
max-age=53784
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
9750
x-xss-protection
1; mode=block
x-application-context
ca-browser-gateway:prod:7070
expires
Thu, 23 Dec 2021 03:55:45 GMT
header-background.jpg
www.ebt.ca.gov/cardholder/assets/img/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ebt.ca.gov/cardholder/assets/img/header-background.jpg
Requested by
Host: www.ebt.ca.gov
URL: https://www.ebt.ca.gov/cardholder/build/main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.248.42 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-248-42.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
185f3aa9212a292bfa641fbce9b427265fe6599bce430bc78890a875a34e46ec
Security Headers
Name Value
Content-Security-Policy default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; font-src * data: 'unsafe-inline';
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.ebt.ca.gov/cardholder/build/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; font-src * data: 'unsafe-inline';
x-content-type-options
nosniff
last-modified
Mon, 02 Aug 2021 08:08:46 GMT
server
Apache
x-frame-options
SAMEORIGIN
date
Wed, 22 Dec 2021 12:59:21 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
content-type
image/jpeg
cache-control
max-age=83495
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
30813
x-xss-protection
1; mode=block
x-application-context
ca-browser-gateway:prod:7070
expires
Thu, 23 Dec 2021 12:10:56 GMT
config.json
c.go-mpulse.net/api/ Frame 5E31 		781 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=47BZE-3TL5R-TDNMS-R4AQH-W3WXQ&d=www.ebt.ca.gov&t=5467260&v=1.632.0&if=&sl=0&si=2fp4jri2de2-r4ipex&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=566120
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/47BZE-3TL5R-TDNMS-R4AQH-W3WXQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:141b:13:68e::11a6 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
22dd559f0a7a00e7de51a4c8b1b7f5a6d94ac9ea4c9c0c2dff517d47901864c4

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.ebt.ca.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 22 Dec 2021 12:59:21 GMT
Cache-Control
private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
781
Content-Type
application/json
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		157 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
en.json
www.ebt.ca.gov/cardholder/assets/i18n/ 		38 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ebt.ca.gov/cardholder/assets/i18n/en.json
Requested by
Host: www.ebt.ca.gov
URL: https://www.ebt.ca.gov/cardholder/build/polyfills.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.248.42 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-248-42.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e7256d23c4a8f26c4e1e5d5ff47a761babfb9b33184fc0f9b67f638a2e4a9b85
Security Headers
Name Value
Content-Security-Policy default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; font-src * data: 'unsafe-inline';
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.ebt.ca.gov/cardholder/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; font-src * data: 'unsafe-inline';
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 02 Aug 2021 08:08:46 GMT
server
Apache
date
Wed, 22 Dec 2021 12:59:21 GMT
x-frame-options
SAMEORIGIN
content-type
application/json
server-timing
cdn-cache; desc=MISS, edge; dur=7, origin; dur=31
strict-transport-security
max-age=31536000 ; includeSubDomains
accept-ranges
bytes
vary
Accept-Encoding
content-length
10649
x-xss-protection
1; mode=block
x-application-context
ca-browser-gateway:prod:7070
/
173bf10f.akstat.io/ 		0
202 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://173bf10f.akstat.io/
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/47BZE-3TL5R-TDNMS-R4AQH-W3WXQ
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1400:d:5a5::11a6 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ebt.ca.gov/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 22 Dec 2021 12:59:21 GMT
content-type
image/gif
access-control-allow-origin
https://www.ebt.ca.gov
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
0
expires
Wed, 22 Dec 2021 12:59:21 GMT
results.txt
ev4m3lixg6thgyodeeuq-pvr1uz-600c03887-clientnsv4-s.akamaihd.net/eum/ Frame 5E31
Redirect Chain
  • https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pvr1uzv59
  • https://ev4m3lixg6thgyodeeuq-pvr1uz-600c03887-clientnsv4-s.akamaihd.net/eum/results.txt
8 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ev4m3lixg6thgyodeeuq-pvr1uz-600c03887-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol
HTTP/1.1
Server
23.55.166.115 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-166-115.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.ebt.ca.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 22 Dec 2021 12:59:21 GMT
Last-Modified
Wed, 08 May 2013 07:51:12 GMT
Server
AkamaiNetStorage
ETag
"402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type
text/plain
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8

Redirect headers

Location
https://ev4m3lixg6thgyodeeuq-pvr1uz-600c03887-clientnsv4-s.akamaihd.net/eum/results.txt
Date
Wed, 22 Dec 2021 12:59:21 GMT
Server
AkamaiGHost
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Length
0
results.txt
figvmaaabffqgjqacqnqaeyaabq4gijj-pvr1uz-eacefb6a8-clienttons-s.akamaihd.net/eum/ Frame 5E31
Redirect Chain
  • https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pvr1uzv59
  • https://figvmaaabffqgjqacqnqaeyaabq4gijj-pvr1uz-eacefb6a8-clienttons-s.akamaihd.net/eum/results.txt
8 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://figvmaaabffqgjqacqnqaeyaabq4gijj-pvr1uz-eacefb6a8-clienttons-s.akamaihd.net/eum/results.txt
Protocol
HTTP/1.1
Server
2600:141b:13::17d7:82ca New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.ebt.ca.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 22 Dec 2021 12:59:21 GMT
Last-Modified
Wed, 08 May 2013 07:51:12 GMT
Server
AkamaiNetStorage
ETag
"402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type
text/plain
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8

Redirect headers

Location
https://figvmaaabffqgjqacqnqaeyaabq4gijj-pvr1uz-eacefb6a8-clienttons-s.akamaihd.net/eum/results.txt
Date
Wed, 22 Dec 2021 12:59:21 GMT
Server
AkamaiGHost
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Length
0
pixel_74053cd
www.ebt.ca.gov/akam/11/ 		0
600 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ebt.ca.gov/akam/11/pixel_74053cd
Requested by
Host: www.ebt.ca.gov
URL: https://www.ebt.ca.gov/cardholder/build/polyfills.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.248.42 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-248-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://www.ebt.ca.gov/cardholder/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 22 Dec 2021 12:59:21 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=2
content-length
0
strict-transport-security
max-age=31536000 ; includeSubDomains
content-type
text/html

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 string| BOOMR_API_key object| BOOMR number| BOOMR_lstart string| bazadebezolkohpepadr object| MyBundle object| core object| __core-js_shared__ function| __zone_symbol__Promise function| Zone function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| assert function| Hammer object| IonicNative object| Ionic function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers object| __zone_symbol__eventTasks object| BOOMR_mq string| urhehlevkedkilrobacf number| BOOMR_onload number| BOOMR_configt function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener

5 Cookies

Domain/Path Name / Value
www.ebt.ca.gov/ Name: ENCRYPT
Value: 28d4a3dac24c50695c4016ae8e5c2345eefd65bd4eeddaef41d6684d6cf443de0de8f5c3
.ca.gov/ Name: RT
Value: "z=1&dm=ca.gov&si=2fp4jri2de2&ss=kxhjly47&sl=0&tt=0"
.ebt.ca.gov/ Name: bm_mi
Value: B534A2A621F9C383B7CEACF1C292441D~vwF55oMtU2MIOXa/QUH2V3pk/eOB7CwzKuXtWV01xa02xeexmjyoOgh/wzrA0moUGAWw+g+ENbaj7GYEexUWWN9InilHFK5WucKyPccgaBi2a/nPl4wynFcYIs4AJEmFr2X4Rf0leuk7WvDnTk2W/RnG3F3pM36ubxaBd7WrBLPq7HrR/PKLRgiedIX85v6NM4jjKKLL1Uc+C7EdHKFTlns/QKcSF/T7GRn641+r0mEkKzEVn6SqHk3b4QPu16ZnoTnA1OXaDSDGlDJrwLldSN3iBMDBOgStH/dd5mnNwCo=
.ebt.ca.gov/ Name: bm_sv
Value: 292C6C5296964EE9498838550620DB8A~WH5sm/JmKzjH9iYd4T7qmuToxCqCDcFtLeZJqzSnX3iNSyYJAfbNTaMlhq9dxp+x1I6BbA8D8PwJdTvLtnFUPMK+m8tZ2RZWdl3BBH+xz64uAMm+WcG4xle7p673RokCT+VmlhLWXJnrFEwqELlGmoZ+fupu9gGpXGgyOE+zOjg=
.ebt.ca.gov/ Name: ak_bmsc
Value: 15CA79D4A38EA886AFB8B7EBA18DEFFD~000000000000000000000000000000~YAAQKhMoF1x+2bR9AQAApYs54g7Qr5Q2ozhH315/9+ouy7vvOZqBW+uOAfv5r1rxuqfaJbfJTd6tu9bMF1JRRLLk7kZ3ANKCrv269SVyq1BaDw1Q1TAdTPiBns6Lmb0CS4/X5Pk5KHqayXAxm3I3tXQCVF06P6HQrmD9pxtmzWGlTmbwaABn5bc93/mnQjQVvUOGzFPqJj3io2sbNRnXDYzhd0rjD7uexNQZR4KFV6g5FYVWHYuT4onXDliiaMt6XqaJP5Q1USUgOn2//zW1ehMAf1qRDLV5zlyo5i8W3lLhpZqa5cLh0h42QeUdBxSQxm7Vnaxs+/HlErwJ1fOPzMw1lpdSNPiYYGuFOmNm9SCILDzMOitD1vOS+3eLaepK6hcvif4mqEotnONbPT5GQIXlw3+ZuC4=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; font-src * data: 'unsafe-inline';
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

173bf10f.akstat.io
c.go-mpulse.net
ev4m3lixg6thgyodeeuq-pvr1uz-600c03887-clientnsv4-s.akamaihd.net
figvmaaabffqgjqacqnqaeyaabq4gijj-pvr1uz-eacefb6a8-clienttons-s.akamaihd.net
s.go-mpulse.net
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
www.ebt.ca.gov
23.49.248.42
23.55.166.115
2600:1400:d:5a5::11a6
2600:141b:13:68e::11a6
2600:141b:13::17d7:82ca
104427d72c702f08c2f43e69a2a18affec8c8b7dfe56e0ea83482266e99c1370
185f3aa9212a292bfa641fbce9b427265fe6599bce430bc78890a875a34e46ec
1cde9c43cc5144f9b295cb30cef99508d81fc1e0e53a293d03268516a0c68d9a
22dd559f0a7a00e7de51a4c8b1b7f5a6d94ac9ea4c9c0c2dff517d47901864c4
3063eb9b4bae58e749ebc7226681e8722c221df57613e310f0c48b2b5c21190a
631563c0df39ea230ee8241b45e46bd5a679d691f67c7088d635875f656317aa
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54
9e077b47b630ebe793a77c1b7528a1579fa2f5a6f604ae862b06313324d728e2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7256d23c4a8f26c4e1e5d5ff47a761babfb9b33184fc0f9b67f638a2e4a9b85
e7913cbaff6baacb74addbbff918f23123fb805af4d4b3dbef7fa990c90d5ff0
f2af66415bb61e8f4f27140240d8f350728296bd4047b4aa712551beceb6253c
fd508074fc18e484aca5724007c40878498997e48cb73a72f1d7efbdd23a9348