Security Scan Report: events.dcnr.pa.gov

Submitted: Jun 25, 2026, 3:43:09 AMCompleted: Jun 25, 2026, 3:44:18 AMpubliccompleted
Loading additional data...

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 2 HTTP transactions. The main domain is events.dcnr.pa.gov and was registered NaN years ago.

Submitted URL: https://events.dcnr.pa.gov/

The Cisco Umbrella rank of the primary domain is #33,087 of the top 1 million websites

AI Security Verdict

Moderate Risk

Confidence: 80%

5
Risk Score

The site hosts login and payment forms on a legitimate government domain but lacks malicious indicators; treat as high‑risk due to credential collection.

Risk Factors
Credential collection on a public website
Payment information collection without clear merchant context
Potential for credential harvesting despite lack of external exfiltration
Safety Factors
Official government domain (events.dcnr.pa.gov) with long registration history
No malicious Indicators of Compromise, YARA, or IDS alerts
Forms submit to same origin (no cross‑origin exfiltration)
Meta tags correctly reflect the site’s own brand
Established domain (9113 days old) with no strong malicious indicators — risk clamped from 8 to 5
Domain age information unavailable

Details

Page Title

Events Calendar - DCNR Calendar of Events

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

education learning

(68%)

Domain Information

You're looking at domain 'events.dcnr.pa.gov' on the United States government-restricted top-level domain (.gov) with subdomain 'events.dcnr'. Count 2 characters in 'pa' holding one vowel versus 1 consonant. It segments into 1 word: pa. Median word length is 2 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://events.dcnr.pa.gov/

Page Load Overview

2.41s
Total Load Time
252
HTTP Requests
7
Domains
1.0 MB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:34,562 chars
Detector Agreement:100%

Website Classification

Primary Category

education learning68% confidence
Type: dynamic
Method: ml+structural

All Detected Categories

education learning
68%
healthcare medical
61%
government
48%
government public service
46%
adult content
39%

Detected Features

Search
Payment
OG: website

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
42157.240.0.6Frankfurt am Main, Hesse, Germany
AS32934Facebook, Inc.
423.171.211.97United States
AS16509Amazon.com, Inc.
4213.92.255.122Washington, Virginia, United States
AS8075Microsoft Corporation
4216.15.199.49Ashburn, Virginia, United States
AS14618Amazon.com, Inc.
42142.251.13.97United States
AS15169Google LLC
42150.171.109.194United States
AS8075Microsoft Corporation
2526--

Detected Technologies2

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T165B471B2B244583F131F9ACE6751670A6762F2C2DA720091E1F18FB823D7DA6711E64F

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

12288:ZXoAWfVRiRoh+TUQy7Q9eeUd+fgfe3I4RKhSCmPDnY4kNGNO0CrXjEbApqJqmXwZ:ZXoAWfVRiRoh+TUQy7Q9eeUd+fgfe3IN

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:500159:SIgREGWBAFIUEJhSxBDATrEBkIA4sIAHCwiJASEWacx3EARZM4SGIGoCgsLCkz8szgiEKMSkCoIQIiDKAADkKCAQomAJwZ0i

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Scan History

Scan history not available

Unable to load historical scan data