www.doli.gov.np
202.45.144.24
Malicious Activity!
Public Scan
Submission: On April 29 via manual from US
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 6th 2021. Valid for: 3 months.
This is the only time www.doli.gov.np was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: GoDaddy (Online)
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
13 | 202.45.144.24 | 45353 (NITC-AS-AP NITC: IT Agency of Government of Nepal)
10 | 23.35.110.241 | 20940 (AKAMAI-ASN1)
26 | 3 |
ASN45353 (NITC-AS-AP NITC: IT Agency of Government of Nepal, NP)
PTR: webcpanel2.nitc.gov.np
www.doli.gov.np
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-35-110-241.deploy.static.akamaitechnologies.com
img1.wsimg.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
13 | doli.gov.np | www.doli.gov.np | 2 MB
10 | wsimg.com | img1.wsimg.com | 304 KB
0 | secureserver.net (Failed) | events.secureserver.net (Failed) |
26 | 3 | |
Requests | Domain | Requested by
---|---|---
13 | www.doli.gov.np | www.doli.gov.np
10 | img1.wsimg.com | www.doli.gov.np
0 | events.secureserver.net (Failed) |
26 | 3 |
Subject | Issuer | Validity | Valid
---|---|---|---
doli.gov.np | cPanel, Inc. Certification Authority | 2021-03-06 - 2021-06-04 | 3 months
*.wsimg.com | Starfield Secure Certificate Authority - G2 | 2021-03-05 - 2022-04-06 | a year
This page contains 1 frame:
Primary Page:
https://www.doli.gov.np/ogss/sogodadd/
Frame ID: A21F2D0CBE4D6050BCD8C15FFBEAEA2C
Requests: 26 HTTP requests in this frame
59 Outgoing links
These are links going to different origins than the main page.
Title: Argentina - Español
Title: Australia - English
Title: België - Nederlands
Title: Belgique - Français
Title: Brasil - Português
Title: Canada - English
Title: Canada - Français
Title: Chile - Español
Title: Colombia - Español
Title: Danmark - Dansk
Title: Deutschland - Deutsch
Title: España - Español
Title: Estados Unidos - Español
Title: France - Français
Title: Hong Kong - English
Title: India - English
Title: India - मराठी
Title: India - हिंदी
Title: India - தமிழ்
Title: Indonesia - Bahasa Indonesia
Title: Ireland - English
Title: Israel - English
Title: Italia - Italiano
Title: Malaysia - English
Title: México - Español
Title: Nederland - Nederlands
Title: New Zealand - English
Title: Norge - Bokmål
Title: Österreich - Deutsch
Title: Pakistan - English
Title: Perú - Español
Title: Philippines - English
Title: Polska - Polski
Title: Portugal - Português
Title: Schweiz - Deutsch
Title: Singapore - English
Title: South Africa - English
Title: Suisse - Français
Title: Suomi - Suomi
Title: Sverige - Svenska
Title: Svizzera - Italiano
Title: Türkiye - Türkçe
Title: United Arab Emirates - English
Title: United Kingdom - English
Title: United States - English
Title: Venezuela - Español
Title: Việt Nam - Tiếng Việt
Title: Ελλάδα - Ελληνικά
Title: Россия - Русский
Title: Україна - Українська
Title: ไทย - ไทย
Title: 대한민국 - 한국어
Title: 台灣 - 繁體中文
Title: 新加坡 - 简体中文
Title: 日本 - 日本語
Title: 香港 - 繁體中文
Title: Phone numbers and hours
Title: Get Help
Title: Privacy Policy
Redirected requests
There were HTTP redirect chains for the following requests:
26 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H/1.1 | / (Primary Request) | www.doli.gov.np/ogss/sogodadd/ | 64 KB | 15 KB | Document | text/html
GET | H2 | uxfont.woff2 | img1.wsimg.com/ux/fonts/uxfont/2.0/ | 12 KB | 12 KB | Font | application/font-woff2
GET | H2 | gd-sage-bold.woff2 | img1.wsimg.com/ux/fonts/gd-sage/1.0/ | 39 KB | 39 KB | Font | application/font-woff2
GET | H2 | gdsherpa-bold.woff2 | img1.wsimg.com/ux/fonts/sherpa/1.0/ | 25 KB | 25 KB | Font | application/font-woff2
GET | H2 | gdsherpa-regular.woff2 | img1.wsimg.com/ux/fonts/sherpa/1.0/ | 26 KB | 26 KB | Font | application/font-woff2
GET | H/1.1 | 4549d38e45 | www.doli.gov.np/ogss/sogodadd/files/ | 57 B | 273 B | Script | text/plain
GET | H/1.1 | nr-1130.min.js.download | www.doli.gov.np/ogss/sogodadd/files/ | 24 KB | 25 KB | Script | application/javascript
GET | H/1.1 | uxcore2.min.css | www.doli.gov.np/ogss/sogodadd/files/ | 226 KB | 226 KB | Stylesheet | text/css
GET | H/1.1 | utilityheader.min.css | www.doli.gov.np/ogss/sogodadd/files/ | 71 KB | 71 KB | Stylesheet | text/css
GET | H/1.1 | tcc.min.js.download | www.doli.gov.np/ogss/sogodadd/files/ | 101 KB | 101 KB | Script | application/javascript
GET | H/1.1 | polyfill.min.js.download | www.doli.gov.np/ogss/sogodadd/files/ | 72 B | 326 B | Script | application/javascript
GET | H/1.1 | vendor.min.js.download | www.doli.gov.np/ogss/sogodadd/files/ | 221 KB | 222 KB | Script | application/javascript
GET | H/1.1 | uxcore2.min.js.download | www.doli.gov.np/ogss/sogodadd/files/ | 247 KB | 247 KB | Script | application/javascript
GET | H/1.1 | heartbeat.min.js.download | www.doli.gov.np/ogss/sogodadd/files/ | 3 KB | 3 KB | Script | application/javascript
GET | H/1.1 | utilityheader.min.js.download | www.doli.gov.np/ogss/sogodadd/files/ | 237 KB | 237 KB | Script | application/javascript
GET | H/1.1 | button.PNG | www.doli.gov.np/ogss/sogodadd/files/ | 1 KB | 2 KB | Image | image/png
GET | H/1.1 | login-panel.js.download | www.doli.gov.np/ogss/sogodadd/files/ | 453 KB | 454 KB | Script | application/javascript
GET | | pageEvents.aspx | events.secureserver.net/ | 0 | 0 | |
GET | | image.aspx | events.secureserver.net/ | 0 | 0 | |
GET | H2 | tcc.min.js | img1.wsimg.com/wrhs/5c9b528df71b1f94049305db46cb91e4/ | 101 KB | 25 KB | Script | application/javascript
GET | H2 | polyfill.min.js | img1.wsimg.com/poly/v3/ | 72 B | 579 B | Script | text/javascript
GET | H2 | vendor.min.js | img1.wsimg.com/wrhs/8cb36bd60ad5db1a5950fb0863a1627c/ | 221 KB | 61 KB | Script | application/javascript
GET | H2 | uxcore2.min.js | img1.wsimg.com/wrhs/4b9786790d8fcb17b697d8ca9a748837/ | 247 KB | 58 KB | Script | application/javascript
GET | H2 | heartbeat.min.js | img1.wsimg.com/wrhs/4a3e8d4a329e0cbc5c9e16996cb9b3f7/ | 3 KB | 2 KB | Script | application/javascript
GET | H2 | utilityheader.min.js | img1.wsimg.com/wrhs/1b9e61bec78476f4c353f102b984d998/ | 237 KB | 54 KB | Script | application/javascript
GET | | b.aspx | events.secureserver.net/ | 0 | 0 | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- events.secureserver.net
- URL
- https://events.secureserver.net/pageEvents.aspx?timestamp=1619724158691&corrid=1184455498&event_type=page.event&eventdate=2021-04-29T19%3A22%3A38.691Z&eventtype=experiment&e_id=traffic.tcc.instrumentation.experiment.add_experiment&usrin=experiment_type%2Cabn%5Eexperiment_id%2Csso.split_io.react_layout.deepsee%5Evariant_id%2Ccontrol%5Econtent_id%2Cundefined%5Eexperiment_source%2CSplitIO&hit_id=9387cc12-9a98-5264-a21b-c2002cdb262a&referrer=&vs=visible&rand=1932556128&sitename=www.doli.gov.np&page=%2Fogss%2Fsogodadd%2F&location=https%3A%2F%2Fwww.doli.gov.np%2Fogss%2Fsogodadd%2F&visitor_guid=c058d037-0bcb-5f5d-a4eb-96d5e41684b7&environment_name=prod
- Domain
- events.secureserver.net
- URL
- https://events.secureserver.net/image.aspx?corrid=1184455498&timestamp=1619724158722&event_type=page.request&page=%2Fogss%2Fsogodadd&hw=2&browx=1600&browy=1200&resx=1600&resy=1200&cdepth=24&cv=3.7.2&hit_id=9d21c5ea-e588-5ec5-a9f3-d235c3472efe&referrer=&vs=visible&rand=1525657050&sitename=www.doli.gov.np&location=https%3A%2F%2Fwww.doli.gov.np%2Fogss%2Fsogodadd%2F&visitor_guid=e609b191-e2c0-5171-b003-a392b8b99b26&environment_name=prod
- Domain
- events.secureserver.net
- URL
- https://events.secureserver.net/b.aspx?timestamp=1619724162293&corrid=1184455498&event_type=page.log&eventdate=2021-04-29T19%3A22%3A42.292Z&eventtype=pageperf&nav_type=hard&tccin=auto&connectEnd=1619724157259&connectStart=1619724156876&domComplete=1619724162233&domContentLoadedEventEnd=1619724162233&domContentLoadedEventStart=1619724162232&domInteractive=1619724162232&domLoading=1619724157463&domainLookupEnd=1619724156876&domainLookupStart=1619724156695&fetchStart=1619724156693&navigationStart=1619724156690&requestStart=1619724157259&responseEnd=1619724157633&responseStart=1619724157460&loadEventStart=1619724162233&loadEventEnd=0&transferSize=15094&encodedBodySize=14830&decodedBodySize=65703&navigationType=navigate&fp=4028&fcp=4028&hit_id=8d10a998-0a6b-51da-9957-f2ec2c46a663&referrer=&vs=visible&rand=1127839315&sitename=www.doli.gov.np&page=%2Fogss%2Fsogodadd&location=https%3A%2F%2Fwww.doli.gov.np%2Fogss%2Fsogodadd%2F&visitor_guid=31f5edf6-014f-56f3-beb9-a3fae0fcbea8&environment_name=prod
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: GoDaddy (Online)
33 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onbeforexrselect
- object| ontransitionrun
- object| ontransitionstart
- object| ontransitioncancel
- object| cookieStore
- function| showDirectoryPicker
- function| showOpenFilePicker
- function| showSaveFilePicker
- boolean| originAgentCluster
- object| trustedTypes
- boolean| crossOriginIsolated
- object| _expDataLayer
- object| sso
- string| split
- object| ux
- object| _analyticsDataLayer
- boolean| _tccPageReqFired
- object| _tccInternal
- object| _tccTrackingValues
- object| _trfq
- object| tcc
- object| babelHelpers
- object| React
- object| ReactDOM
- object| PropTypes
- object| ReactTransitionGroup
- object| heartbeat
- function| setImmediate
- function| clearImmediate
- object| UtilityHeader
- object| _gaDataLayer
- function| fire_virtual_page
- function| fire_virtual_event

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
events.secureserver.net
img1.wsimg.com
www.doli.gov.np
202.45.144.24
23.35.110.241