cms.nic.in Open in urlscan Pro
164.100.198.93 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cms.nic.in/ncdrcusersWeb/causelist.do?method=loadCauseListViewPub
Submission: On May 12 via manual (May 12th 2024, 1:31:50 pm UTC) from IN — Scanned from DE

Summary HTTP 19 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 19 HTTP transactions. The main IP is 164.100.198.93, located in Delhi, India and belongs to NICNET-VSNL-BOARDER-AP National Informatics Centre, IN. The main domain is cms.nic.in.
TLS certificate: Issued by R3 on January 24th 2024. Valid for: 3 months.

This is the only time cms.nic.in was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Office 365 (Online)

Domain & IP information

	IP Address		AS Autonomous System
19	164.100.198.93 164.100.198.93		4758 (NICNET-VS...) (NICNET-VSNL-BOARDER-AP National Informatics Centre)
19	1

19 164.100.198.93 (Delhi, India)

ASN4758 (NICNET-VSNL-BOARDER-AP National Informatics Centre, IN)

cms.nic.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	cms.nic.in cms.nic.in	989 KB
19	1

	Domain	Requested by
19	cms.nic.in	cms.nic.in
19	1

This site contains links to these domains. Also see Links.

Domain
confonet.nic.in
www.nic.in

Subject Issuer	Validity	Valid
cms.nic.in R3	`2024-01-24` - `2024-04-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://cms.nic.in/ncdrcusersWeb/causelist.do?method=loadCauseListViewPub
Frame ID: 4BB7033E55F7343405A0E5AF60AEE5B0
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Causelist | Confonet

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

19
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

989 kB
Transfer

1000 kB
Size

1
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://confonet.nic.in/
Title: ConfoNet

Search URL Search Domain Scan URL

URL: http://confonet.nic.in/help/causelistsearch.pdf
Title: Help

Search URL Search Domain Scan URL

URL: https://www.nic.in/
Title: National Informatics Centre (NIC)

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request causelist.do Show response cms.nic.in/ncdrcusersWeb/	19 KB 6 KB	1241ms 192ms	Document text/html	164.100.198.93 NICNET-VSNL-BOARD...
General Check archive.org Show headers Download Go to Full URL https://cms.nic.in/ncdrcusersWeb/causelist.do?method=loadCauseListViewPub Protocol H2 Security TLS 1.3, , AES_128_GCM Server 164.100.198.93 Delhi, India, ASN4758 (NICNET-VSNL-BOARDER-AP National Informatics Centre, IN), Reverse DNS Software / Servlet/3.0 Resource Hash `4ba4feb4d5d727717cbaa0f94701ece0656358eacf8ee8e3827a8d5ca725ac19` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=2592000 cache-control no-cache="set-cookie, set-cookie2" content-encoding gzip content-language en-US content-type text/html; charset=ISO-8859-1 date Sun, 12 May 2024 13:28:17 GMT expires Thu, 01 Dec 1994 16:00:00 GMT x-powered-by Servlet/3.0
GET H2	200	bootstrap.min.css cms.nic.in/ncdrcusersWeb/assets/vendor/bootstrap/css/	236 KB 236 KB	367ms 364ms	Stylesheet text/css	164.100.198.93 NICNET-VSNL-BOARD...
General Check archive.org Show headers Download Go to Full URL https://cms.nic.in/ncdrcusersWeb/assets/vendor/bootstrap/css/bootstrap.min.css Requested by Host: cms.nic.in URL: https://cms.nic.in/ncdrcusersWeb/causelist.do?method=loadCauseListViewPub Protocol H2 Security TLS 1.3, , AES_128_GCM Server 164.100.198.93 Delhi, India, ASN4758 (NICNET-VSNL-BOARDER-AP National Informatics Centre, IN), Reverse DNS Software / Servlet/3.0 Resource Hash `a06a80843e34a56c38d92ce47cb7b48f3a68767c24ec6b207b0a638792037618` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://cms.nic.in/ncdrcusersWeb/causelist.do?method=loadCauseListViewPub Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-type text/css date Sun, 12 May 2024 13:28:17 GMT last-modified Thu, 05 Jan 2023 13:56:50 GMT alt-svc h3=":443"; ma=2592000 x-powered-by Servlet/3.0 content-length 241938 content-language en-US
GET H2	200	bootstrap-icons.css cms.nic.in/ncdrcusersWeb/assets/vendor/bootstrap-icons/	87 KB 87 KB	187ms 184ms	Stylesheet text/css	164.100.198.93 NICNET-VSNL-BOARD...
General Check archive.org Show headers Download Go to Full URL https://cms.nic.in/ncdrcusersWeb/assets/vendor/bootstrap-icons/bootstrap-icons.css Requested by Host: cms.nic.in URL: https://cms.nic.in/ncdrcusersWeb/causelist.do?method=loadCauseListViewPub Protocol H2 Security TLS 1.3, , AES_128_GCM Server 164.100.198.93 Delhi, India, ASN4758 (NICNET-VSNL-BOARDER-AP National Informatics Centre, IN), Reverse DNS Software / Servlet/3.0 Resource Hash `674d400c329e115d2934751723dfde815b4d6a91e7e7ec76b6f869070a3b9815` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://cms.nic.in/ncdrcusersWeb/causelist.do?method=loadCauseListViewPub Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-type text/css date Sun, 12 May 2024 13:28:17 GMT last-modified Thu, 05 Jan 2023 13:56:50 GMT alt-svc h3=":443"; ma=2592000 x-powered-by Servlet/3.0 content-length 88587 content-language en-US
GET H2	200	style.css cms.nic.in/ncdrcusersWeb/assets/css/	35 KB 35 KB	407ms 404ms	Stylesheet text/css	164.100.198.93 NICNET-VSNL-BOARD...
General Check archive.org Show headers Download Go to Full URL https://cms.nic.in/ncdrcusersWeb/assets/css/style.css Requested by Host: cms.nic.in URL: https://cms.nic.in/ncdrcusersWeb/causelist.do?method=loadCauseListViewPub Protocol H2 Security TLS 1.3, , AES_128_GCM Server 164.100.198.93 Delhi, India, ASN4758 (NICNET-VSNL-BOARDER-AP National Informatics Centre, IN), Reverse DNS Software / Servlet/3.0 Resource Hash `8bbf2f5757b2fd8e16aa0665c7e04a5fba8d752c9b1c2a206b83a3706e7abf05` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://cms.nic.in/ncdrcusersWeb/causelist.do?method=loadCauseListViewPub Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-type text/css date Sun, 12 May 2024 13:28:17 GMT last-modified Thu, 05 Jan 2023 13:56:46 GMT alt-svc h3=":443"; ma=2592000 x-powered-by Servlet/3.0 content-length 36092 content-language en-US
GET H2	200	jquery-ui.css cms.nic.in/ncdrcusersWeb/causelist/css/	35 KB 35 KB	407ms 405ms	Stylesheet text/css	164.100.198.93 NICNET-VSNL-BOARD...
General Check archive.org Show headers Download Go to Full URL https://cms.nic.in/ncdrcusersWeb/causelist/css/jquery-ui.css Requested by Host: cms.nic.in URL: https://cms.nic.in/ncdrcusersWeb/causelist.do?method=loadCauseListViewPub Protocol H2 Security TLS 1.3, , AES_128_GCM Server 164.100.198.93 Delhi, India, ASN4758 (NICNET-VSNL-BOARDER-AP National Informatics Centre, IN), Reverse DNS Software / Servlet/3.0 Resource Hash `6a2d0140b13c2d5b8e56ebe233629ecba875a2f67b4d0c5992f44a3454f3f5aa` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://cms.nic.in/ncdrcusersWeb/causelist.do?method=loadCauseListViewPub Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-type text/css date Sun, 12 May 2024 13:28:17 GMT last-modified Fri, 25 Jun 2021 00:12:50 GMT alt-svc h3=":443"; ma=2592000 x-powered-by Servlet/3.0 content-length 35348 content-language en-US
GET H2	200	bootstrap.min.css cms.nic.in/ncdrcusersWeb/causelist/css/	112 KB 112 KB	723ms 720ms	Stylesheet text/css	164.100.198.93 NICNET-VSNL-BOARD...
General Check archive.org Show headers Download Go to Full URL https://cms.nic.in/ncdrcusersWeb/causelist/css/bootstrap.min.css Requested by Host: cms.nic.in URL: https://cms.nic.in/ncdrcusersWeb/causelist.do?method=loadCauseListViewPub Protocol H2 Security TLS 1.3, , AES_128_GCM Server 164.100.198.93 Delhi, India, ASN4758 (NICNET-VSNL-BOARDER-AP National Informatics Centre, IN), Reverse DNS Software / Servlet/3.0 Resource Hash `a6e1112d6664bcf417293a6f86510d7a16cf907c500f909e23241e419d26d0fb` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://cms.nic.in/ncdrcusersWeb/causelist.do?method=loadCauseListViewPub Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-type text/css date Sun, 12 May 2024 13:28:17 GMT last-modified Fri, 25 Jun 2021 00:12:50 GMT alt-svc h3=":443"; ma=2592000 x-powered-by Servlet/3.0 content-length 114738 content-language en-US
GET H2	200	jquery.datepick.css cms.nic.in/ncdrcusersWeb/causelist/css/	4 KB 4 KB	764ms 762ms	Stylesheet text/css	164.100.198.93 NICNET-VSNL-BOARD...
General Check archive.org Show headers Download Go to Full URL https://cms.nic.in/ncdrcusersWeb/causelist/css/jquery.datepick.css Requested by Host: cms.nic.in URL: https://cms.nic.in/ncdrcusersWeb/causelist.do?method=loadCauseListViewPub Protocol H2 Security TLS 1.3, , AES_128_GCM Server 164.100.198.93 Delhi, India, ASN4758 (NICNET-VSNL-BOARDER-AP National Informatics Centre, IN), Reverse DNS Software / Servlet/3.0 Resource Hash `2a2883104f06e86c4535d40b4d4028a39d80db01d4a30783fef6d9b7cf143bd7` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://cms.nic.in/ncdrcusersWeb/causelist.do?method=loadCauseListViewPub Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-type text/css date Sun, 12 May 2024 13:28:17 GMT last-modified Fri, 25 Jun 2021 00:12:50 GMT alt-svc h3=":443"; ma=2592000 x-powered-by Servlet/3.0 content-length 4421 content-language en-US
GET H2	200	jquery-1.11.1.min.js Show response cms.nic.in/ncdrcusersWeb/causelist/js/	94 KB 94 KB	764ms 762ms	Script application/javascript	164.100.198.93 NICNET-VSNL-BOARD...
General Check archive.org Show headers Download Go to Full URL https://cms.nic.in/ncdrcusersWeb/causelist/js/jquery-1.11.1.min.js Requested by Host: cms.nic.in URL: https://cms.nic.in/ncdrcusersWeb/causelist.do?method=loadCauseListViewPub Protocol H2 Security TLS 1.3, , AES_128_GCM Server 164.100.198.93 Delhi, India, ASN4758 (NICNET-VSNL-BOARDER-AP National Informatics Centre, IN), Reverse DNS Software / Servlet/3.0 Resource Hash `540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://cms.nic.in/ncdrcusersWeb/causelist.do?method=loadCauseListViewPub Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-type application/javascript; charset=utf-8 date Sun, 12 May 2024 13:28:17 GMT last-modified Fri, 25 Jun 2021 00:12:50 GMT alt-svc h3=":443"; ma=2592000 x-powered-by Servlet/3.0 content-length 95786 content-language en-US
GET H2	200	jquery.plugin.js Show response cms.nic.in/ncdrcusersWeb/causelist/js/	11 KB 11 KB	764ms 762ms	Script application/javascript	164.100.198.93 NICNET-VSNL-BOARD...
General Check archive.org Show headers Download Go to Full URL https://cms.nic.in/ncdrcusersWeb/causelist/js/jquery.plugin.js Requested by Host: cms.nic.in URL: https://cms.nic.in/ncdrcusersWeb/causelist.do?method=loadCauseListViewPub Protocol H2 Security TLS 1.3, , AES_128_GCM Server 164.100.198.93 Delhi, India, ASN4758 (NICNET-VSNL-BOARDER-AP National Informatics Centre, IN), Reverse DNS Software / Servlet/3.0 Resource Hash `d45de42dbb732bdeee06c0a2c239304b6fc3b7b3f2f535e96841f7a79db60b1a` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://cms.nic.in/ncdrcusersWeb/causelist.do?method=loadCauseListViewPub Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-type application/javascript; charset=utf-8 date Sun, 12 May 2024 13:28:17 GMT last-modified Fri, 25 Jun 2021 00:12:50 GMT alt-svc h3=":443"; ma=2592000 x-powered-by Servlet/3.0 content-length 11538 content-language en-US
GET H2	200	jquery.datepick.js Show response cms.nic.in/ncdrcusersWeb/causelist/js/	92 KB 92 KB	764ms 762ms	Script application/javascript	164.100.198.93 NICNET-VSNL-BOARD...
General Check archive.org Show headers Download Go to Full URL https://cms.nic.in/ncdrcusersWeb/causelist/js/jquery.datepick.js Requested by Host: cms.nic.in URL: https://cms.nic.in/ncdrcusersWeb/causelist.do?method=loadCauseListViewPub Protocol H2 Security TLS 1.3, , AES_128_GCM Server 164.100.198.93 Delhi, India, ASN4758 (NICNET-VSNL-BOARDER-AP National Informatics Centre, IN), Reverse DNS Software / Servlet/3.0 Resource Hash `ddfc1a3a72f33baa1e2676cceaecf88a5806da004dbd0dc869df688dd0842160` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://cms.nic.in/ncdrcusersWeb/causelist.do?method=loadCauseListViewPub Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-type application/javascript; charset=utf-8 date Sun, 12 May 2024 13:28:17 GMT last-modified Fri, 25 Jun 2021 00:12:50 GMT alt-svc h3=":443"; ma=2592000 x-powered-by Servlet/3.0 content-length 94591 content-language en-US
GET H2	200	datevalidator.js Show response cms.nic.in/ncdrcusersWeb/causelist/js/	19 KB 19 KB	764ms 763ms	Script application/javascript	164.100.198.93 NICNET-VSNL-BOARD...
General Check archive.org Show headers Download Go to Full URL https://cms.nic.in/ncdrcusersWeb/causelist/js/datevalidator.js Requested by Host: cms.nic.in URL: https://cms.nic.in/ncdrcusersWeb/causelist.do?method=loadCauseListViewPub Protocol H2 Security TLS 1.3, , AES_128_GCM Server 164.100.198.93 Delhi, India, ASN4758 (NICNET-VSNL-BOARDER-AP National Informatics Centre, IN), Reverse DNS Software / Servlet/3.0 Resource Hash `26c80414143248f1eff4d8d8ff6141198cc43ef6ed42369934f36e0b3d5f0f8e` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://cms.nic.in/ncdrcusersWeb/causelist.do?method=loadCauseListViewPub Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-type application/javascript; charset=utf-8 date Sun, 12 May 2024 13:28:17 GMT last-modified Fri, 25 Jun 2021 00:12:50 GMT alt-svc h3=":443"; ma=2592000 x-powered-by Servlet/3.0 content-length 19191 content-language en-US
GET H2	200	emblem-white.png cms.nic.in/ncdrcusersWeb/assets/img/	4 KB 4 KB	764ms 763ms	Image image/png	164.100.198.93 NICNET-VSNL-BOARD...
General Check archive.org Show headers Download Go to Show image Full URL https://cms.nic.in/ncdrcusersWeb/assets/img/emblem-white.png Requested by Host: cms.nic.in URL: https://cms.nic.in/ncdrcusersWeb/causelist.do?method=loadCauseListViewPub Protocol H2 Security TLS 1.3, , AES_128_GCM Server 164.100.198.93 Delhi, India, ASN4758 (NICNET-VSNL-BOARDER-AP National Informatics Centre, IN), Reverse DNS Software / Servlet/3.0 Resource Hash `99bd5bb83b367ab46a7eb862c50d601736848716d5b66fa3f6936923c9444458` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://cms.nic.in/ncdrcusersWeb/causelist.do?method=loadCauseListViewPub Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-type image/png date Sun, 12 May 2024 13:28:17 GMT last-modified Thu, 05 Jan 2023 13:56:48 GMT alt-svc h3=":443"; ma=2592000 x-powered-by Servlet/3.0 content-length 4120 content-language en-US
GET H2	200	nic_logo_white.svg cms.nic.in/ncdrcusersWeb/assets/img/	13 KB 13 KB	764ms 763ms	Image image/svg+xml	164.100.198.93 NICNET-VSNL-BOARD...
General Check archive.org Show headers Download Go to Show image Full URL https://cms.nic.in/ncdrcusersWeb/assets/img/nic_logo_white.svg Requested by Host: cms.nic.in URL: https://cms.nic.in/ncdrcusersWeb/causelist.do?method=loadCauseListViewPub Protocol H2 Security TLS 1.3, , AES_128_GCM Server 164.100.198.93 Delhi, India, ASN4758 (NICNET-VSNL-BOARDER-AP National Informatics Centre, IN), Reverse DNS Software / Servlet/3.0 Resource Hash `e4861ab5cc52e8ae5d6eef65943523996114114e92170a0ce960644e3c88b9e6` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://cms.nic.in/ncdrcusersWeb/causelist.do?method=loadCauseListViewPub Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-type image/svg+xml date Sun, 12 May 2024 13:28:17 GMT last-modified Thu, 05 Jan 2023 13:56:48 GMT alt-svc h3=":443"; ma=2592000 x-powered-by Servlet/3.0 content-length 13217 content-language en-US
GET H2	200	busy.gif cms.nic.in/ncdrcusersWeb/causelist/img/	3 KB 3 KB	197ms 196ms	Image image/gif	164.100.198.93 NICNET-VSNL-BOARD...
General Check archive.org Show headers Download Go to Show image Full URL https://cms.nic.in/ncdrcusersWeb/causelist/img/busy.gif Requested by Host: cms.nic.in URL: https://cms.nic.in/ncdrcusersWeb/causelist.do?method=loadCauseListViewPub Protocol H2 Security TLS 1.3, , AES_128_GCM Server 164.100.198.93 Delhi, India, ASN4758 (NICNET-VSNL-BOARDER-AP National Informatics Centre, IN), Reverse DNS Software / Servlet/3.0 Resource Hash `67045b2289294c222cbab0dbfd07e0af1a40ba39c4ff6165ea9578e2345385da` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://cms.nic.in/ncdrcusersWeb/causelist.do?method=loadCauseListViewPub Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-type image/gif date Sun, 12 May 2024 13:28:18 GMT last-modified Fri, 25 Jun 2021 00:12:50 GMT alt-svc h3=":443"; ma=2592000 x-powered-by Servlet/3.0 content-length 2892 content-language en-US
GET H2	200	main.js Show response cms.nic.in/ncdrcusersWeb/assets/js/	3 KB 4 KB	185ms 184ms	Script application/javascript	164.100.198.93 NICNET-VSNL-BOARD...
General Check archive.org Show headers Download Go to Full URL https://cms.nic.in/ncdrcusersWeb/assets/js/main.js Requested by Host: cms.nic.in URL: https://cms.nic.in/ncdrcusersWeb/causelist.do?method=loadCauseListViewPub Protocol H2 Security TLS 1.3, , AES_128_GCM Server 164.100.198.93 Delhi, India, ASN4758 (NICNET-VSNL-BOARDER-AP National Informatics Centre, IN), Reverse DNS Software / Servlet/3.0 Resource Hash `4df67e837e69f568ecf7addf740ca76b8b9b34acea60ee44a05e05f9ef348db1` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://cms.nic.in/ncdrcusersWeb/causelist.do?method=loadCauseListViewPub Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-type application/javascript; charset=utf-8 date Sun, 12 May 2024 13:28:18 GMT last-modified Thu, 05 Jan 2023 13:56:50 GMT alt-svc h3=":443"; ma=2592000 x-powered-by Servlet/3.0 content-length 3557 content-language en-US
GET H2	200	carousel-bg.png cms.nic.in/ncdrcusersWeb/assets/img/	139 B 169 B	184ms 184ms	Image image/png	164.100.198.93 NICNET-VSNL-BOARD...
General Check archive.org Show headers Download Go to Show image Full URL https://cms.nic.in/ncdrcusersWeb/assets/img/carousel-bg.png Requested by Host: cms.nic.in URL: https://cms.nic.in/ncdrcusersWeb/assets/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 164.100.198.93 Delhi, India, ASN4758 (NICNET-VSNL-BOARDER-AP National Informatics Centre, IN), Reverse DNS Software / Servlet/3.0 Resource Hash `fd69d3b9d2ef099265c989d2382d86b032873b4d1ae54e7793732d9adf4f8811` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://cms.nic.in/ncdrcusersWeb/assets/css/style.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-type image/png date Sun, 12 May 2024 13:28:18 GMT last-modified Thu, 05 Jan 2023 13:56:48 GMT alt-svc h3=":443"; ma=2592000 x-powered-by Servlet/3.0 content-length 139 content-language en-US
GET H2	200	ExpletusSans-Regular.woff cms.nic.in/ncdrcusersWeb/assets/fonts/	16 KB 16 KB	191ms 191ms	Font application/octet-stream	164.100.198.93 NICNET-VSNL-BOARD...
General Check archive.org Show headers Download Go to Full URL https://cms.nic.in/ncdrcusersWeb/assets/fonts/ExpletusSans-Regular.woff Requested by Host: cms.nic.in URL: https://cms.nic.in/ncdrcusersWeb/assets/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 164.100.198.93 Delhi, India, ASN4758 (NICNET-VSNL-BOARDER-AP National Informatics Centre, IN), Reverse DNS Software / Servlet/3.0 Resource Hash `a797da4b3bfb3c72bbbe0d460fc91b1b903d33cbb4a6d9a92cced483a109397b` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://cms.nic.in/ncdrcusersWeb/assets/css/style.css Origin https://cms.nic.in Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-type text/plain; charset=utf-8 date Sun, 12 May 2024 13:28:18 GMT last-modified Thu, 05 Jan 2023 13:56:46 GMT alt-svc h3=":443"; ma=2592000 x-powered-by Servlet/3.0 content-length 16432 content-language en-US
GET H2	200	bootstrap-icons.woff2 cms.nic.in/ncdrcusersWeb/assets/vendor/bootstrap-icons/fonts/	110 KB 110 KB	192ms 192ms	Font application/octet-stream	164.100.198.93 NICNET-VSNL-BOARD...
General Check archive.org Show headers Download Go to Full URL https://cms.nic.in/ncdrcusersWeb/assets/vendor/bootstrap-icons/fonts/bootstrap-icons.woff2?8d200481aa7f02a2d63a331fc782cfaf Requested by Host: cms.nic.in URL: https://cms.nic.in/ncdrcusersWeb/assets/vendor/bootstrap-icons/bootstrap-icons.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 164.100.198.93 Delhi, India, ASN4758 (NICNET-VSNL-BOARDER-AP National Informatics Centre, IN), Reverse DNS Software / Servlet/3.0 Resource Hash `c69bf1ccae5f13b5aa4345dcfeb209a8148ad0bfa1e0678b93792aae0429c764` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://cms.nic.in/ncdrcusersWeb/assets/vendor/bootstrap-icons/bootstrap-icons.css Origin https://cms.nic.in Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-type text/plain; charset=utf-8 date Sun, 12 May 2024 13:28:18 GMT last-modified Thu, 05 Jan 2023 13:56:50 GMT alt-svc h3=":443"; ma=2592000 x-powered-by Servlet/3.0 content-length 112440 content-language en-US
GET H2	200	National-Emblem-01.svg cms.nic.in/ncdrcusersWeb/assets/img/	107 KB 107 KB	189ms 189ms	Other image/svg+xml	164.100.198.93 NICNET-VSNL-BOARD...
General Check archive.org Show headers Download Go to Full URL https://cms.nic.in/ncdrcusersWeb/assets/img/National-Emblem-01.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 164.100.198.93 Delhi, India, ASN4758 (NICNET-VSNL-BOARDER-AP National Informatics Centre, IN), Reverse DNS Software / Servlet/3.0 Resource Hash `b96278264a1f6e361ba57c6bb4ac50a39eb1473543b28a7cda713ac7ee7bc40d` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://cms.nic.in/ncdrcusersWeb/causelist.do?method=loadCauseListViewPub Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-type image/svg+xml date Sun, 12 May 2024 13:28:18 GMT last-modified Thu, 05 Jan 2023 13:56:48 GMT alt-svc h3=":443"; ma=2592000 x-powered-by Servlet/3.0 content-length 109517 content-language en-US

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Office 365 (Online)

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			cms.nic.in/	1969-12-31 23:59:59	Name: JSESSIONID Value: 0000yIh6CVp3e25aY795tDMkAI1:-1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cms.nic.in
164.100.198.93
26c80414143248f1eff4d8d8ff6141198cc43ef6ed42369934f36e0b3d5f0f8e
2a2883104f06e86c4535d40b4d4028a39d80db01d4a30783fef6d9b7cf143bd7
4ba4feb4d5d727717cbaa0f94701ece0656358eacf8ee8e3827a8d5ca725ac19
4df67e837e69f568ecf7addf740ca76b8b9b34acea60ee44a05e05f9ef348db1
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
67045b2289294c222cbab0dbfd07e0af1a40ba39c4ff6165ea9578e2345385da
674d400c329e115d2934751723dfde815b4d6a91e7e7ec76b6f869070a3b9815
6a2d0140b13c2d5b8e56ebe233629ecba875a2f67b4d0c5992f44a3454f3f5aa
8bbf2f5757b2fd8e16aa0665c7e04a5fba8d752c9b1c2a206b83a3706e7abf05
99bd5bb83b367ab46a7eb862c50d601736848716d5b66fa3f6936923c9444458
a06a80843e34a56c38d92ce47cb7b48f3a68767c24ec6b207b0a638792037618
a6e1112d6664bcf417293a6f86510d7a16cf907c500f909e23241e419d26d0fb
a797da4b3bfb3c72bbbe0d460fc91b1b903d33cbb4a6d9a92cced483a109397b
b96278264a1f6e361ba57c6bb4ac50a39eb1473543b28a7cda713ac7ee7bc40d
c69bf1ccae5f13b5aa4345dcfeb209a8148ad0bfa1e0678b93792aae0429c764
d45de42dbb732bdeee06c0a2c239304b6fc3b7b3f2f535e96841f7a79db60b1a
ddfc1a3a72f33baa1e2676cceaecf88a5806da004dbd0dc869df688dd0842160
e4861ab5cc52e8ae5d6eef65943523996114114e92170a0ce960644e3c88b9e6
fd69d3b9d2ef099265c989d2382d86b032873b4d1ae54e7793732d9adf4f8811

cms.nic.in Open in urlscan Pro 164.100.198.93 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

19 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

989 kBTransfer

1000 kBSize

1 Cookies

3 Outgoing links

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

31 JavaScript Global Variables

1 Cookies

Indicators

cms.nic.in Open in urlscan Pro
164.100.198.93 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

989 kB
Transfer

1000 kB
Size

1
Cookies

19 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!