URL: http://67.157.159.212/user/password
Submission: On December 06 via manual from US

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 19 HTTP transactions. The main IP is 67.157.159.212, located in Rancho Cordova, United States and belongs to CTA-42-AS1226 - California Technology Agency, US. The main domain is 67.157.159.212.
This is the only time 67.157.159.212 was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: US Government (Government)

Domain & IP information

Requests  IP Address         AS    Autonomous System
16        67.157.159.212     1226  (CTA-42-AS...)
1         2a00:1450:400...   15169 (GOOGLE)
2         2a00:1450:400...   15169 (GOOGLE)
Total: 19 requests, 3 IPs

Requests  Apex Domain            Subdomains                 Transfer
2         google-analytics.com   www.google-analytics.com   17 KB
1         googleapis.com         ajax.googleapis.com        83 KB
Total: 19 requests, 2 apex domains

Requests  Domain                     Requested by
2         www.google-analytics.com   67.157.159.212
1         ajax.googleapis.com        67.157.159.212
Total: 19 requests, 2 domains

This site contains links to these domains. Also see Links.

Domain
energy.ca.gov

Subject                  Issuer                         Validity                  Valid
*.google-analytics.com   Google Internet Authority G3   2018-11-07 - 2019-01-30   3 months (crt.sh)

This page contains 1 frames:

Primary Page: http://67.157.159.212/user/password
Frame ID: 1408F698F3FC410438B858EE6E0B8C18
Requests: 19 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • meta generator /Drupal(?:\s([\d.]+))?/i
  • headers expires /19 Nov 1978/i
  • env /^Drupal$/i

Overall confidence: 100%
Detected patterns
  • headers server /php\/?([\d.]+)?/i
  • meta generator /Drupal(?:\s([\d.]+))?/i
  • headers expires /19 Nov 1978/i
  • env /^Drupal$/i

Overall confidence: 100%
Detected patterns
  • headers server /Red Hat/i

Overall confidence: 100%
Detected patterns
  • headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • env /^Modernizr$/i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

Requests: 19
HTTPS: 11 %
IPv6: 67 %
Domains: 2
Subdomains: 2
IPs: 3
Countries: 2
Transfer: 436 kB
Size: 1129 kB
Cookies: 4

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource  Path  Size  x-fer  Type  MIME-Type
Primary Request password
67.157.159.212/user/
18 KB
18 KB
Document
General
Full URL
http://67.157.159.212/user/password
Protocol
HTTP/1.1
Server
67.157.159.212 Rancho Cordova, United States, ASN1226 (CTA-42-AS1226 - California Technology Agency, US),
Reverse DNS
dawg.energy.ca.gov
Software
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.4.16 / PHP/5.4.16
Resource Hash
14fb8ac09f9f5865578ac8d268d7a4802e9dd631a83be2888e1b6d1caa94b7fe
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN

Request headers

Host
67.157.159.212
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 06 Dec 2018 20:19:07 GMT
Server
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.4.16
X-Content-Type-Options
nosniff nosniff
X-Powered-By
PHP/5.4.16
Expires
Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control
no-cache, must-revalidate
Content-Language
en
X-Frame-Options
SAMEORIGIN
X-Generator
Drupal 7 (https://www.drupal.org)
Link
<http://67.157.159.212/user/password>; rel="canonical",<http://67.157.159.212/user/password>; rel="shortlink"
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
css_lQaZfjVpwP_oGNqdtWCSpJT1EMqXdMiU84ekLLxQnc4.css
67.157.159.212/sites/default/files/css/
3 KB
1 KB
Stylesheet
General
Full URL
http://67.157.159.212/sites/default/files/css/css_lQaZfjVpwP_oGNqdtWCSpJT1EMqXdMiU84ekLLxQnc4.css
Requested by
Host: 67.157.159.212
URL: http://67.157.159.212/user/password
Protocol
HTTP/1.1
Server
67.157.159.212 Rancho Cordova, United States, ASN1226 (CTA-42-AS1226 - California Technology Agency, US),
Reverse DNS
dawg.energy.ca.gov
Software
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash
9506997e3569c0ffe818da9db56092a494f510ca9774c894f387a42cbc509dce
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
67.157.159.212
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://67.157.159.212/user/password
Connection
keep-alive
Cache-Control
no-cache
Referer
http://67.157.159.212/user/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 06 Dec 2018 20:19:07 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 19 Oct 2018 05:21:16 GMT
Server
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag
"416-5788e1299a604"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1046
Expires
Thu, 20 Dec 2018 20:19:07 GMT
css_DEdq-tfqexgWPHdPppvF2qYyZ1ALLjO4JCd7W6LtUbE.css
67.157.159.212/sites/default/files/css/
23 KB
5 KB
Stylesheet
General
Full URL
http://67.157.159.212/sites/default/files/css/css_DEdq-tfqexgWPHdPppvF2qYyZ1ALLjO4JCd7W6LtUbE.css
Requested by
Host: 67.157.159.212
URL: http://67.157.159.212/user/password
Protocol
HTTP/1.1
Server
67.157.159.212 Rancho Cordova, United States, ASN1226 (CTA-42-AS1226 - California Technology Agency, US),
Reverse DNS
dawg.energy.ca.gov
Software
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash
0c476afad7ea7b18163c774fa69bc5daa63267500b2e33b824277b5ba2ed51b1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
67.157.159.212
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://67.157.159.212/user/password
Connection
keep-alive
Cache-Control
no-cache
Referer
http://67.157.159.212/user/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 06 Dec 2018 20:19:07 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 19 Oct 2018 05:21:16 GMT
Server
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag
"10a0-5788e1299e09c"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
4256
Expires
Thu, 20 Dec 2018 20:19:07 GMT
css_PGbJgHCUCBf4dg7K9Kt8aAwsApndP4GZ9RuToPy3-Fk.css
67.157.159.212/sites/default/files/css/
494 B
732 B
Stylesheet
General
Full URL
http://67.157.159.212/sites/default/files/css/css_PGbJgHCUCBf4dg7K9Kt8aAwsApndP4GZ9RuToPy3-Fk.css
Requested by
Host: 67.157.159.212
URL: http://67.157.159.212/user/password
Protocol
HTTP/1.1
Server
67.157.159.212 Rancho Cordova, United States, ASN1226 (CTA-42-AS1226 - California Technology Agency, US),
Reverse DNS
dawg.energy.ca.gov
Software
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash
3c66c98070940817f8760ecaf4ab7c680c2c0299dd3f8199f51b93a0fcb7f859
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
67.157.159.212
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://67.157.159.212/user/password
Connection
keep-alive
Cache-Control
no-cache
Referer
http://67.157.159.212/user/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 06 Dec 2018 20:19:07 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 19 Oct 2018 05:21:05 GMT
Server
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag
"fa-5788e11f75700"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
250
Expires
Thu, 20 Dec 2018 20:19:07 GMT
css_UoYFm0eqrlVZ3bu95ouO4ZblyTjutQ6fw52LcC7gvg4.css
67.157.159.212/sites/default/files/css/
313 KB
46 KB
Stylesheet
General
Full URL
http://67.157.159.212/sites/default/files/css/css_UoYFm0eqrlVZ3bu95ouO4ZblyTjutQ6fw52LcC7gvg4.css
Requested by
Host: 67.157.159.212
URL: http://67.157.159.212/user/password
Protocol
HTTP/1.1
Server
67.157.159.212 Rancho Cordova, United States, ASN1226 (CTA-42-AS1226 - California Technology Agency, US),
Reverse DNS
dawg.energy.ca.gov
Software
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash
5286059b47aaae5559ddbbbde68b8ee196e5c938eeb50e9fc39d8b702ee0be0e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
67.157.159.212
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://67.157.159.212/user/password
Connection
keep-alive
Cache-Control
no-cache
Referer
http://67.157.159.212/user/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 06 Dec 2018 20:19:07 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 19 Oct 2018 05:21:16 GMT
Server
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag
"b5d8-5788e129aa7d4"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
46552
Expires
Thu, 20 Dec 2018 20:19:07 GMT
jquery.js
ajax.googleapis.com/ajax/libs/jquery/1.11.2/
278 KB
83 KB
Script
General
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.js
Requested by
Host: 67.157.159.212
URL: http://67.157.159.212/user/password
Protocol
HTTP/1.1
Server
2a00:1450:4001:821::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
58c27035b7a2e589df397e5d7e05424b90b8c1aaaf73eff47d5ed6daecb70f25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://67.157.159.212/user/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 06 Dec 2018 10:48:35 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 20 Dec 2016 18:17:03 GMT
Server
sffe
Age
34232
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
84953
X-XSS-Protection
1; mode=block
Expires
Fri, 06 Dec 2019 10:48:35 GMT
js_vSmhpx_T-AShyt_WMW5_TcwwxJP1imoVOa8jvwL_mxE.js
67.157.159.212/sites/default/files/js/
23 KB
8 KB
Script
General
Full URL
http://67.157.159.212/sites/default/files/js/js_vSmhpx_T-AShyt_WMW5_TcwwxJP1imoVOa8jvwL_mxE.js
Requested by
Host: 67.157.159.212
URL: http://67.157.159.212/user/password
Protocol
HTTP/1.1
Server
67.157.159.212 Rancho Cordova, United States, ASN1226 (CTA-42-AS1226 - California Technology Agency, US),
Reverse DNS
dawg.energy.ca.gov
Software
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash
bd29a1a71fd3f804a1cadfd6316e7f4dcc30c493f58a6a1539af23bf02ff9b11
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
67.157.159.212
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://67.157.159.212/user/password
Connection
keep-alive
Cache-Control
no-cache
Referer
http://67.157.159.212/user/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 06 Dec 2018 20:19:07 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 19 Oct 2018 05:21:05 GMT
Server
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag
"1e63-5788e11f79580"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
7779
Expires
Thu, 20 Dec 2018 20:19:07 GMT
js_gPqjYq7fqdMzw8-29XWQIVoDSWTmZCGy9OqaHppNxuQ.js
67.157.159.212/sites/default/files/js/
6 KB
2 KB
Script
General
Full URL
http://67.157.159.212/sites/default/files/js/js_gPqjYq7fqdMzw8-29XWQIVoDSWTmZCGy9OqaHppNxuQ.js
Requested by
Host: 67.157.159.212
URL: http://67.157.159.212/user/password
Protocol
HTTP/1.1
Server
67.157.159.212 Rancho Cordova, United States, ASN1226 (CTA-42-AS1226 - California Technology Agency, US),
Reverse DNS
dawg.energy.ca.gov
Software
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash
80faa362aedfa9d333c3cfb6f57590215a034964e66421b2f4ea9a1e9a4dc6e4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
67.157.159.212
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://67.157.159.212/user/password
Connection
keep-alive
Cache-Control
no-cache
Referer
http://67.157.159.212/user/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 06 Dec 2018 20:19:07 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 19 Oct 2018 05:21:16 GMT
Server
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag
"752-5788e129b0594"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1874
Expires
Thu, 20 Dec 2018 20:19:07 GMT
js_pnRW_DCIaB4sCGMzsZUVr401PD0RvSHw9HOiimp4B3o.js
67.157.159.212/sites/default/files/js/
16 KB
7 KB
Script
General
Full URL
http://67.157.159.212/sites/default/files/js/js_pnRW_DCIaB4sCGMzsZUVr401PD0RvSHw9HOiimp4B3o.js
Requested by
Host: 67.157.159.212
URL: http://67.157.159.212/user/password
Protocol
HTTP/1.1
Server
67.157.159.212 Rancho Cordova, United States, ASN1226 (CTA-42-AS1226 - California Technology Agency, US),
Reverse DNS
dawg.energy.ca.gov
Software
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash
a67456fc3088681e2c086333b19515af8d353c3d11bd21f0f473a28a6a78077a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
67.157.159.212
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://67.157.159.212/user/password
Connection
keep-alive
Cache-Control
no-cache
Referer
http://67.157.159.212/user/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 06 Dec 2018 20:19:07 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 19 Oct 2018 05:21:16 GMT
Server
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag
"19e4-5788e129b1534"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
6628
Expires
Thu, 20 Dec 2018 20:19:07 GMT
header-ca.gov_.png
67.157.159.212/sites/default/files/
10 KB
10 KB
Image
General
Full URL
http://67.157.159.212/sites/default/files/header-ca.gov_.png
Requested by
Host: 67.157.159.212
URL: http://67.157.159.212/user/password
Protocol
HTTP/1.1
Server
67.157.159.212 Rancho Cordova, United States, ASN1226 (CTA-42-AS1226 - California Technology Agency, US),
Reverse DNS
dawg.energy.ca.gov
Software
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash
f2af66415bb61e8f4f27140240d8f350728296bd4047b4aa712551beceb6253c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
67.157.159.212
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://67.157.159.212/user/password
Connection
keep-alive
Cache-Control
no-cache
Referer
http://67.157.159.212/user/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 06 Dec 2018 20:19:08 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 07 Sep 2016 20:28:56 GMT
Server
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag
"2616-53bf0c3293200"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
9750
Expires
Thu, 20 Dec 2018 20:19:08 GMT
header-organization.png
67.157.159.212/sites/all/themes/cagov4/images/
30 KB
31 KB
Image
General
Full URL
http://67.157.159.212/sites/all/themes/cagov4/images/header-organization.png
Requested by
Host: 67.157.159.212
URL: http://67.157.159.212/user/password
Protocol
HTTP/1.1
Server
67.157.159.212 Rancho Cordova, United States, ASN1226 (CTA-42-AS1226 - California Technology Agency, US),
Reverse DNS
dawg.energy.ca.gov
Software
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash
c02d287ea197fe6b410f2a1b1ce7b49851524637d730036397f387f54fe6a55d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
67.157.159.212
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://67.157.159.212/user/password
Connection
keep-alive
Cache-Control
no-cache
Referer
http://67.157.159.212/user/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 06 Dec 2018 20:19:08 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 07 Sep 2016 18:43:25 GMT
Server
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag
"78d1-53bef49cdcd40"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
30929
Expires
Thu, 20 Dec 2018 20:19:08 GMT
js_L89trsWBAChxjnvhVzUc12iU3f-HntCqU7xJ1LE7T3A.js
67.157.159.212/sites/default/files/js/
211 KB
48 KB
Script
General
Full URL
http://67.157.159.212/sites/default/files/js/js_L89trsWBAChxjnvhVzUc12iU3f-HntCqU7xJ1LE7T3A.js
Requested by
Host: 67.157.159.212
URL: http://67.157.159.212/user/password
Protocol
HTTP/1.1
Server
67.157.159.212 Rancho Cordova, United States, ASN1226 (CTA-42-AS1226 - California Technology Agency, US),
Reverse DNS
dawg.energy.ca.gov
Software
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash
2fcf6daec5810028718e7be157351cd76894ddff879ed0aa53bc49d4b13b4f70
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
67.157.159.212
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://67.157.159.212/user/password
Connection
keep-alive
Cache-Control
no-cache
Referer
http://67.157.159.212/user/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 06 Dec 2018 20:19:08 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 19 Oct 2018 05:21:16 GMT
Server
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag
"bcdb-5788e12998aac"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
48347
Expires
Thu, 20 Dec 2018 20:19:08 GMT
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: 67.157.159.212
URL: http://67.157.159.212/user/password
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81f::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://67.157.159.212/user/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 05 Nov 2018 21:10:09 GMT
server
Golfe2
age
3722
date
Thu, 06 Dec 2018 19:17:06 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
17404
expires
Thu, 06 Dec 2018 21:17:06 GMT
2column-bg.png
67.157.159.212/sites/all/themes/cagov4/images/template2014/santabarbara/
1 KB
2 KB
Image
General
Full URL
http://67.157.159.212/sites/all/themes/cagov4/images/template2014/santabarbara/2column-bg.png
Requested by
Host: 67.157.159.212
URL: http://67.157.159.212/user/password
Protocol
HTTP/1.1
Server
67.157.159.212 Rancho Cordova, United States, ASN1226 (CTA-42-AS1226 - California Technology Agency, US),
Reverse DNS
dawg.energy.ca.gov
Software
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash
f52fa3b04cc7bf896feba9a469afeee09cfb1568caca9aab0b7599c30a370b5c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
67.157.159.212
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://67.157.159.212/sites/default/files/css/css_UoYFm0eqrlVZ3bu95ouO4ZblyTjutQ6fw52LcC7gvg4.css
Cookie
has_js=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://67.157.159.212/sites/default/files/css/css_UoYFm0eqrlVZ3bu95ouO4ZblyTjutQ6fw52LcC7gvg4.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 06 Dec 2018 20:19:08 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 16 Jul 2016 00:52:50 GMT
Server
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag
"503-537b627829c80"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1283
Expires
Thu, 20 Dec 2018 20:19:08 GMT
announcement-calendar.png
67.157.159.212/sites/all/themes/cagov4/images/
1 KB
2 KB
Image
General
Full URL
http://67.157.159.212/sites/all/themes/cagov4/images/announcement-calendar.png
Requested by
Host: 67.157.159.212
URL: http://67.157.159.212/user/password
Protocol
HTTP/1.1
Server
67.157.159.212 Rancho Cordova, United States, ASN1226 (CTA-42-AS1226 - California Technology Agency, US),
Reverse DNS
dawg.energy.ca.gov
Software
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash
914814af082c8a4d08fb4505fa222b898bbfa0b7b058d54847dfa695d4891478
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
67.157.159.212
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://67.157.159.212/sites/default/files/css/css_UoYFm0eqrlVZ3bu95ouO4ZblyTjutQ6fw52LcC7gvg4.css
Cookie
has_js=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://67.157.159.212/sites/default/files/css/css_UoYFm0eqrlVZ3bu95ouO4ZblyTjutQ6fw52LcC7gvg4.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 06 Dec 2018 20:19:08 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 29 Jul 2016 22:09:42 GMT
Server
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag
"57a-538cd81e0d580"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1402
Expires
Thu, 20 Dec 2018 20:19:08 GMT
nav-down-arrow.png
67.157.159.212/sites/all/themes/cagov4/images/template2014/
798 B
1 KB
Image
General
Full URL
http://67.157.159.212/sites/all/themes/cagov4/images/template2014/nav-down-arrow.png
Requested by
Host: 67.157.159.212
URL: http://67.157.159.212/user/password
Protocol
HTTP/1.1
Server
67.157.159.212 Rancho Cordova, United States, ASN1226 (CTA-42-AS1226 - California Technology Agency, US),
Reverse DNS
dawg.energy.ca.gov
Software
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash
a8c12e55886e9d355e00e1c6489dcb9356dca141bdf0e3af9326b82fd772538a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
67.157.159.212
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://67.157.159.212/sites/default/files/css/css_UoYFm0eqrlVZ3bu95ouO4ZblyTjutQ6fw52LcC7gvg4.css
Cookie
has_js=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://67.157.159.212/sites/default/files/css/css_UoYFm0eqrlVZ3bu95ouO4ZblyTjutQ6fw52LcC7gvg4.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 06 Dec 2018 20:19:08 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 16 Jul 2016 00:52:50 GMT
Server
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag
"31e-537b627829c80"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
798
Expires
Thu, 20 Dec 2018 20:19:08 GMT
DAWG%20Banner_150dpi.jpg
67.157.159.212/sites/default/files/images/template2014/
91 KB
91 KB
Image
General
Full URL
http://67.157.159.212/sites/default/files/images/template2014/DAWG%20Banner_150dpi.jpg
Requested by
Host: 67.157.159.212
URL: http://67.157.159.212/user/password
Protocol
HTTP/1.1
Server
67.157.159.212 Rancho Cordova, United States, ASN1226 (CTA-42-AS1226 - California Technology Agency, US),
Reverse DNS
dawg.energy.ca.gov
Software
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash
fcde700f9e7dd55ddae140848779db15faecf7f06486d5f9baa9a0102d1f6683
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
67.157.159.212
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://67.157.159.212/user/password
Cookie
has_js=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://67.157.159.212/user/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 06 Dec 2018 20:19:08 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 15 Sep 2016 17:26:20 GMT
Server
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag
"16b23-53c8f24dce700"
Content-Type
image/jpeg
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
92963
Expires
Thu, 20 Dec 2018 20:19:08 GMT
CaGov.woff
67.157.159.212/sites/all/themes/cagov4/fonts/
62 KB
63 KB
Font
General
Full URL
http://67.157.159.212/sites/all/themes/cagov4/fonts/CaGov.woff
Requested by
Host: 67.157.159.212
URL: http://67.157.159.212/user/password
Protocol
HTTP/1.1
Server
67.157.159.212 Rancho Cordova, United States, ASN1226 (CTA-42-AS1226 - California Technology Agency, US),
Reverse DNS
dawg.energy.ca.gov
Software
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash
abe4edc8768700c804651cd8a8e2ecd03f1e63de07ea14cdc93f7bfe0d694233
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Origin
http://67.157.159.212
Accept-Encoding
gzip, deflate
Host
67.157.159.212
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://67.157.159.212/sites/default/files/css/css_UoYFm0eqrlVZ3bu95ouO4ZblyTjutQ6fw52LcC7gvg4.css
Cookie
has_js=1
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://67.157.159.212/sites/default/files/css/css_UoYFm0eqrlVZ3bu95ouO4ZblyTjutQ6fw52LcC7gvg4.css
Origin
http://67.157.159.212

Response headers

Date
Thu, 06 Dec 2018 20:19:08 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 19 Jul 2016 02:10:53 GMT
Server
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag
"f984-537f39829a540"
Content-Type
application/font-woff
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
63876
Expires
Thu, 20 Dec 2018 20:19:08 GMT
collect
www.google-analytics.com/r/
35 B
111 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j72&aip=1&a=472973168&t=pageview&_s=1&dl=http%3A%2F%2F67.157.159.212%2Fuser%2Fpassword&ul=en-us&de=UTF-8&dt=User%20account%20%7C%20Demand%20Analysis%20Working%20Group&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=923772318&gjid=161352548&cid=61622234.1544127548&tid=UA-82373098-1&_gid=440029966.1544127548&_r=1&z=389330419
Requested by
Host: 67.157.159.212
URL: http://67.157.159.212/user/password
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81f::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://67.157.159.212/user/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Dec 2018 20:19:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: US Government (Government)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Name                          Type
$                             undefined
jQuery                        function
Drupal                        object
jQuery111205999000987678946   object
GoogleAnalyticsObject         string
ga                            function
Modernizr                     object
respond                       object
yepnope                       function
google_tag_data               object
gaplugins                     object
gaGlobal                      object
gaData                        object

4 Cookies

Domain/Path Name / Value
67.157.159.212/ Name: _gid
Value: GA1.1.440029966.1544127548
67.157.159.212/ Name: _ga
Value: GA1.1.61622234.1544127548
67.157.159.212/ Name: _gat
Value: 1
67.157.159.212/ Name: has_js
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
www.google-analytics.com
2a00:1450:4001:81f::200e
2a00:1450:4001:821::200a
67.157.159.212