context safety score
A score of 29/100 indicates multiple risk signals were detected. This entity shows patterns commonly associated with malicious intent.
phishing
1 deceptive links where visible host does not match destination host
brand impersonation
The site ssoid.net.in impersonates the official Rajasthan government SSO portal (sso.rajasthan.gov.in). It uses the exact branding, color scheme, logo, and service descriptions of the legitimate government portal while operating from a non-governmental .net.in domain. The footer disclaimer acknowledges 'This website is not run by the government' but the overall design is built to mimic the official portal and attract users searching for the real site. (location: page.html:7, page.html:177-180, page.html:624-626)
phishing
The site presents itself as the official Rajasthan SSO login portal and provides prominent 'SSO ID Login' and 'SSO ID Registration' buttons (linking to ssoid.net.in/sso-id-login.html and ssoid.net.in/sso-id-registration.html) that likely collect government credentials. Citizens seeking the real portal at sso.rajasthan.gov.in may be deceived into entering their government SSO credentials on this third-party site. (location: page.html:218-238)
credential harvesting
The site hosts dedicated login and registration pages (sso-id-login.html, sso-id-registration.html) and instructs users to enter SSO ID credentials including mobile number, email, Aadhaar number, and password. Collecting Aadhaar numbers (India's national biometric ID) and government SSO credentials on a non-governmental site constitutes serious credential harvesting of sensitive PII and government authentication data. (location: page.html:461-479, page.html:218-222)
social engineering
The site uses SEO keyword stuffing with official government search terms (sso.rajasthan.gov.in login, SSO Rajasthan gov in) to intercept organic search traffic intended for the real government portal. The page title, meta keywords, and content are engineered to rank in place of the official government site, deceiving users who are specifically trying to reach the legitimate portal. (location: page.html:7-9)
social engineering
The page instructs users to 'Visit the Official Website' and 'Visit the Official Portal' while linking to pages on ssoid.net.in itself, falsely implying that this third-party site is the official government portal. This deceptive framing overrides the small-print disclaimer in the footer. (location: page.html:462, page.html:500)
malicious redirect
The 'GST Login' button links back to ssoid.net.in (the same site) rather than to any GST portal, indicating placeholder or deceptive internal redirect. The navigateTo() JavaScript function is defined to open URLs in new windows and could be leveraged for dynamic redirects to external phishing or malware sites. (location: page.html:233-235, page.html:632-636)
curl https://api.brin.sh/domain/ssoid.net.inCommon questions teams ask before deciding whether to use this domain in agent workflows.
ssoid.net.in currently scores 29/100 with a suspicious verdict and low confidence. The goal is to protect agents from high-risk context before they act on it. Treat this as a decision signal: higher scores suggest lower observed risk, while lower scores mean you should add review or block this domain.
Use the score as a policy threshold: 80–100 is safe, 50–79 is caution, 20–49 is suspicious, and 0–19 is dangerous. Teams often auto-allow safe, require human review for caution/suspicious, and block dangerous.
brin evaluates four dimensions: identity (source trust), behavior (runtime patterns), content (malicious instructions), and graph (relationship risk). Analysis runs in tiers: static signals, deterministic pattern checks, then AI semantic analysis when needed.
Identity checks source trust, behavior checks unusual runtime patterns, content checks for malicious instructions, and graph checks risky relationships to other entities. Looking at sub-scores helps you understand why an entity passed or failed.
brin performs risk assessments on external context before it reaches an AI agent. It scores that context for threats like prompt injection, hijacking, credential harvesting, and supply chain attacks, so teams can decide whether to block, review, or proceed safely.
No. A safe verdict means no significant risk signals were detected in this scan. It is not a formal guarantee; assessments are automated and point-in-time, so combine scores with your own controls and periodic re-checks.
Re-check before high-impact actions such as installs, upgrades, connecting MCP servers, executing remote code, or granting secrets. Use the API in CI or runtime gates so decisions are based on the latest scan.
Learn more in threat detection docs, how scoring works, and the API overview.
Assessments are automated and may contain errors. Findings are risk indicators, not confirmed threats. This is a point-in-time assessment; security posture can change.
integrate brin in minutes — one GET request is all it takes. query the api, browse the registry, or download the full dataset.