urlscan.io logo urlscan.io
SecurityTrails logo

api-resources-sit.aibtest.ie Open in urlscan Pro
194.106.144.24  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://aib-app.development.dimply.ai/
Effective URL: https://api-resources-sit.aibtest.ie/as/authorization.oauth2?redirect_uri=https://aib-app.development.dimply.ai/oauth2/sso/dashboard&...
Submission Tags: tag
Submission: On August 11 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 13 HTTP transactions. The main IP is 194.106.144.24, located in Cavan, Ireland and belongs to EIRCOM Internet House, IE. The main domain is api-resources-sit.aibtest.ie.
TLS certificate: Issued by DigiCert EV RSA CA G2 on May 8th 2024. Valid for: 8 months.
This is the only time api-resources-sit.aibtest.ie was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Allied Irish Banks (Banking)

Domain & IP information

IP Address AS Autonomous System
6 34.107.230.186 396982 (GOOGLE-CL...)
7 194.106.144.24 5466 (EIRCOM In...)
13 2
Apex Domain
Subdomains		 Transfer
7 aibtest.ie
api-resources-sit.aibtest.ie
422 KB
6 dimply.ai
aib-app.development.dimply.ai
847 KB
13 2
Domain Requested by
7 api-resources-sit.aibtest.ie aib-app.development.dimply.ai
api-resources-sit.aibtest.ie
6 aib-app.development.dimply.ai aib-app.development.dimply.ai
13 2

This site contains links to these domains. Also see Links.

Domain
aib.ie
Subject Issuer Validity Valid
aib-app.development.dimply.ai
WR3		 2024-07-31 -
2024-10-29		 3 months crt.sh
api-resources-sit.aibtest.ie
DigiCert EV RSA CA G2		 2024-05-08 -
2025-01-03		 8 months crt.sh

This page contains 1 frames:

Primary Page: https://api-resources-sit.aibtest.ie/as/authorization.oauth2?redirect_uri=https://aib-app.development.dimply.ai/oauth2/sso/dashboard&client_id=dimply_auth&response_type=code&nonce=gFr9sBXuXjhKEBaYkKQGm9CQqQZ7N_6JxlHgynFUE4M&state=b78f41b0-da90-49f9-84ec-ce352df231ec&scope=openid%20aib_login&code_challenge=RrTHPwZsijOGKuLf1fUDIHAMZ-DMhf3N_pIaq-UZlh0&code_challenge_method=S256
Frame ID: 0FB887F75B24B8CFAA58636F288C4F63
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Log in

Page URL History Show full URLs

  1. http://aib-app.development.dimply.ai/ HTTP 307
    https://aib-app.development.dimply.ai/ Page URL
  2. https://api-resources-sit.aibtest.ie/as/authorization.oauth2?redirect_uri=https://aib-app.development.dimply.ai/o... Page URL

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

1269 kB
Transfer

3599 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://aib-app.development.dimply.ai/ HTTP 307
    https://aib-app.development.dimply.ai/ Page URL
  2. https://api-resources-sit.aibtest.ie/as/authorization.oauth2?redirect_uri=https://aib-app.development.dimply.ai/oauth2/sso/dashboard&client_id=dimply_auth&response_type=code&nonce=gFr9sBXuXjhKEBaYkKQGm9CQqQZ7N_6JxlHgynFUE4M&state=b78f41b0-da90-49f9-84ec-ce352df231ec&scope=openid%20aib_login&code_challenge=RrTHPwZsijOGKuLf1fUDIHAMZ-DMhf3N_pIaq-UZlh0&code_challenge_method=S256 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://aib-app.development.dimply.ai/ HTTP 307
  • https://aib-app.development.dimply.ai/

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
aib-app.development.dimply.ai/
Redirect Chain
  • http://aib-app.development.dimply.ai/
  • https://aib-app.development.dimply.ai/
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aib-app.development.dimply.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.230.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.230.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d97505ac4ab5a2ff97977f3cd113d6d5d4b7b49e31bcf0ab28405584a2bfaaac
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'unsafe-eval' 'sha256-Ai8vXeMrERDV2mQjBsYHEpuV6HIWSMYrgE9j73Iea7c=' 'self'; style-src 'unsafe-inline' 'self'; object-src 'none'; base-uri 'self'; connect-src 'self' https://api.development.dimply.ai https://storage.googleapis.com wss://api.development.dimply.ai; font-src 'self' https://storage.googleapis.com; frame-src 'self'; img-src 'self' blob: https://storage.googleapis.com data:; manifest-src 'self'; media-src 'self'; worker-src 'none'; frame-ancestors 'none'; form-action 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=300,must-revalidate
content-encoding
gzip
content-length
594
content-security-policy
default-src 'self'; script-src 'unsafe-eval' 'sha256-Ai8vXeMrERDV2mQjBsYHEpuV6HIWSMYrgE9j73Iea7c=' 'self'; style-src 'unsafe-inline' 'self'; object-src 'none'; base-uri 'self'; connect-src 'self' https://api.development.dimply.ai https://storage.googleapis.com wss://api.development.dimply.ai; font-src 'self' https://storage.googleapis.com; frame-src 'self'; img-src 'self' blob: https://storage.googleapis.com data:; manifest-src 'self'; media-src 'self'; worker-src 'none'; frame-ancestors 'none'; form-action 'none';
content-type
text/html
date
Sun, 11 Aug 2024 05:01:51 GMT
etag
"a78e29831c2d76d89bc66e1d4a8208ed"
last-modified
Fri, 09 Aug 2024 09:44:45 GMT
server
UploadServer
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-goog-generation
1723196685281646
x-goog-hash
crc32c=SPnlLA== md5=p44pgxwtdtibxm4dSoII7Q==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
594
x-guploader-uploadid
AHxI1nN5x7gIxaMiWWo_ra7PKadkPGkrw-hUSncEQx3m2xxW7Us3fz9ZvlfkCzrxNj5ziBHXZq1k7CFnpg

Redirect headers

Location
https://aib-app.development.dimply.ai/
Non-Authoritative-Reason
HttpsUpgrades
index-CycGlOok.js
aib-app.development.dimply.ai/assets/ 		3 MB
842 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aib-app.development.dimply.ai/assets/index-CycGlOok.js
Requested by
Host: aib-app.development.dimply.ai
URL: https://aib-app.development.dimply.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.230.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.230.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
00a295dbed9a6c0fa80aa14147d4b3752a88510da85600ae48955ad52bd471f1
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'unsafe-eval' 'sha256-Ai8vXeMrERDV2mQjBsYHEpuV6HIWSMYrgE9j73Iea7c=' 'self'; style-src 'unsafe-inline' 'self'; object-src 'none'; base-uri 'self'; connect-src 'self' https://api.development.dimply.ai https://storage.googleapis.com wss://api.development.dimply.ai; font-src 'self' https://storage.googleapis.com; frame-src 'self'; img-src 'self' blob: https://storage.googleapis.com data:; manifest-src 'self'; media-src 'self'; worker-src 'none'; frame-ancestors 'none'; form-action 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://aib-app.development.dimply.ai/
Origin
https://aib-app.development.dimply.ai
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 05:01:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; script-src 'unsafe-eval' 'sha256-Ai8vXeMrERDV2mQjBsYHEpuV6HIWSMYrgE9j73Iea7c=' 'self'; style-src 'unsafe-inline' 'self'; object-src 'none'; base-uri 'self'; connect-src 'self' https://api.development.dimply.ai https://storage.googleapis.com wss://api.development.dimply.ai; font-src 'self' https://storage.googleapis.com; frame-src 'self'; img-src 'self' blob: https://storage.googleapis.com data:; manifest-src 'self'; media-src 'self'; worker-src 'none'; frame-ancestors 'none'; form-action 'none';
x-guploader-uploadid
AHxI1nO0ruO0mMl7YCzO-ciWi-H7OnxGGNIEP-irPTkP-sSze6yt7Mc_hl2A8afpg7ZMEmVSgPCykxudKw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
861081
last-modified
Fri, 09 Aug 2024 09:44:44 GMT
server
UploadServer
etag
"3ca118d8c0af3ce5519ab274a310693b"
vary
Accept-Encoding
x-goog-generation
1723196684364028
content-type
application/javascript
x-goog-hash
crc32c=hRBP9A==, md5=PKEY2MCvPOVRmrJ0oxBpOw==
cache-control
public,max-age=3600
x-goog-stored-content-length
861081
accept-ranges
bytes
favicon.ico
aib-app.development.dimply.ai/ 		15 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://aib-app.development.dimply.ai/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.230.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.230.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'unsafe-eval' 'sha256-Ai8vXeMrERDV2mQjBsYHEpuV6HIWSMYrgE9j73Iea7c=' 'self'; style-src 'unsafe-inline' 'self'; object-src 'none'; base-uri 'self'; connect-src 'self' https://api.development.dimply.ai https://storage.googleapis.com wss://api.development.dimply.ai; font-src 'self' https://storage.googleapis.com; frame-src 'self'; img-src 'self' blob: https://storage.googleapis.com data:; manifest-src 'self'; media-src 'self'; worker-src 'none'; frame-ancestors 'none'; form-action 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://aib-app.development.dimply.ai/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 05:01:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; script-src 'unsafe-eval' 'sha256-Ai8vXeMrERDV2mQjBsYHEpuV6HIWSMYrgE9j73Iea7c=' 'self'; style-src 'unsafe-inline' 'self'; object-src 'none'; base-uri 'self'; connect-src 'self' https://api.development.dimply.ai https://storage.googleapis.com wss://api.development.dimply.ai; font-src 'self' https://storage.googleapis.com; frame-src 'self'; img-src 'self' blob: https://storage.googleapis.com data:; manifest-src 'self'; media-src 'self'; worker-src 'none'; frame-ancestors 'none'; form-action 'none';
x-guploader-uploadid
AHxI1nPx_DiRB0wknlNGgLIe1iK8hdYX58CoqeylFtW0DCX7enNdinBws80UMArvsHmxB3HlJDybubFRqA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3166
last-modified
Fri, 09 Aug 2024 09:44:43 GMT
server
UploadServer
etag
"03694dfbc50636402f294cf2db02bab1"
vary
Accept-Encoding
x-goog-generation
1723196683175511
content-type
image/vnd.microsoft.icon
x-goog-hash
crc32c=BRV4QA==, md5=A2lN+8UGNkAvKUzy2wK6sQ==
cache-control
public,max-age=3600
x-goog-stored-content-length
3166
graphql
aib-app.development.dimply.ai/ 		50 B
78 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aib-app.development.dimply.ai/graphql?operationName=CurrentUser
Requested by
Host: aib-app.development.dimply.ai
URL: https://aib-app.development.dimply.ai/assets/index-CycGlOok.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.230.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.230.107.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none';base-uri 'self';font-src 'none';form-action 'self';frame-ancestors 'self';img-src 'none';object-src 'none';script-src 'none';script-src-attr 'none';style-src 'none';upgrade-insecure-requests;connect-src 'none'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept
*/*
Referer
https://aib-app.development.dimply.ai/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
application/json

Response headers

content-security-policy
default-src 'none';base-uri 'self';font-src 'none';form-action 'self';frame-ancestors 'self';img-src 'none';object-src 'none';script-src 'none';script-src-attr 'none';style-src 'none';upgrade-insecure-requests;connect-src 'none'
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
date
Sun, 11 Aug 2024 05:01:53 GMT
via
1.1 google
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50
x-xss-protection
0
referrer-policy
same-origin
cross-origin-opener-policy
same-origin
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json;charset=utf-8
access-control-allow-origin
https://aib-app.development.dimply.ai
origin-agent-cluster
?1
access-control-expose-headers
X-GraphQL-Event-Stream
access-control-allow-credentials
true
graphql
aib-app.development.dimply.ai/ 		466 B
495 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aib-app.development.dimply.ai/graphql?operationName=PingCreateRedirectURL
Requested by
Host: aib-app.development.dimply.ai
URL: https://aib-app.development.dimply.ai/assets/index-CycGlOok.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.230.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.230.107.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none';base-uri 'self';font-src 'none';form-action 'self';frame-ancestors 'self';img-src 'none';object-src 'none';script-src 'none';script-src-attr 'none';style-src 'none';upgrade-insecure-requests;connect-src 'none'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept
*/*
Referer
https://aib-app.development.dimply.ai/oauth2/sso/dashboard
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
application/json

Response headers

content-security-policy
default-src 'none';base-uri 'self';font-src 'none';form-action 'self';frame-ancestors 'self';img-src 'none';object-src 'none';script-src 'none';script-src-attr 'none';style-src 'none';upgrade-insecure-requests;connect-src 'none'
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
date
Sun, 11 Aug 2024 05:01:53 GMT
via
1.1 google
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
466
x-xss-protection
0
referrer-policy
same-origin
cross-origin-opener-policy
same-origin
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json;charset=utf-8
access-control-allow-origin
https://aib-app.development.dimply.ai
origin-agent-cluster
?1
access-control-expose-headers
X-GraphQL-Event-Stream
access-control-allow-credentials
true
favicon.ico
aib-app.development.dimply.ai/ 		15 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://aib-app.development.dimply.ai/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.230.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.230.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'unsafe-eval' 'sha256-Ai8vXeMrERDV2mQjBsYHEpuV6HIWSMYrgE9j73Iea7c=' 'self'; style-src 'unsafe-inline' 'self'; object-src 'none'; base-uri 'self'; connect-src 'self' https://api.development.dimply.ai https://storage.googleapis.com wss://api.development.dimply.ai; font-src 'self' https://storage.googleapis.com; frame-src 'self'; img-src 'self' blob: https://storage.googleapis.com data:; manifest-src 'self'; media-src 'self'; worker-src 'none'; frame-ancestors 'none'; form-action 'none';
X-Content-Type-Options nosniff

Request headers

Referer
https://aib-app.development.dimply.ai/oauth2/sso/dashboard
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 05:01:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'unsafe-eval' 'sha256-Ai8vXeMrERDV2mQjBsYHEpuV6HIWSMYrgE9j73Iea7c=' 'self'; style-src 'unsafe-inline' 'self'; object-src 'none'; base-uri 'self'; connect-src 'self' https://api.development.dimply.ai https://storage.googleapis.com wss://api.development.dimply.ai; font-src 'self' https://storage.googleapis.com; frame-src 'self'; img-src 'self' blob: https://storage.googleapis.com data:; manifest-src 'self'; media-src 'self'; worker-src 'none'; frame-ancestors 'none'; form-action 'none';
x-guploader-uploadid
AHxI1nPx_DiRB0wknlNGgLIe1iK8hdYX58CoqeylFtW0DCX7enNdinBws80UMArvsHmxB3HlJDybubFRqA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3166
last-modified
Fri, 09 Aug 2024 09:44:43 GMT
server
UploadServer
etag
"03694dfbc50636402f294cf2db02bab1"
vary
Accept-Encoding
x-goog-generation
1723196683175511
content-type
image/vnd.microsoft.icon
x-goog-hash
crc32c=BRV4QA==, md5=A2lN+8UGNkAvKUzy2wK6sQ==
cache-control
public,max-age=3600
x-goog-stored-content-length
3166
Primary Request authorization.oauth2
api-resources-sit.aibtest.ie/as/ 		30 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://api-resources-sit.aibtest.ie/as/authorization.oauth2?redirect_uri=https://aib-app.development.dimply.ai/oauth2/sso/dashboard&client_id=dimply_auth&response_type=code&nonce=gFr9sBXuXjhKEBaYkKQGm9CQqQZ7N_6JxlHgynFUE4M&state=b78f41b0-da90-49f9-84ec-ce352df231ec&scope=openid%20aib_login&code_challenge=RrTHPwZsijOGKuLf1fUDIHAMZ-DMhf3N_pIaq-UZlh0&code_challenge_method=S256
Requested by
Host: aib-app.development.dimply.ai
URL: https://aib-app.development.dimply.ai/assets/index-CycGlOok.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.106.144.24 Cavan, Ireland, ASN5466 (EIRCOM Internet House, IE),
Reverse DNS
Software
/
Resource Hash
14e120d525a832f669605a245913f74117af6e90299690a5c0ca9b7c60d8a441
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' use.typekit.net ajax.googleapis.com; style-src 'self' 'unsafe-inline' p.typekit.net use.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; img-src 'self' p.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; base-uri 'self' https://*.aibtest.ie https://*.mid.aib.pri:*; object-src 'self'; frame-ancestors 'self' https://*.aibtest.ie https://*.mid.aib.pri:* https://rhaxwayvd1.mid.aib.pri:*
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://aib-app.development.dimply.ai/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache, no-store
Content-Length
30865
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' use.typekit.net ajax.googleapis.com; style-src 'self' 'unsafe-inline' p.typekit.net use.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; img-src 'self' p.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; base-uri 'self' https://*.aibtest.ie https://*.mid.aib.pri:*; object-src 'self'; frame-ancestors 'self' https://*.aibtest.ie https://*.mid.aib.pri:* https://rhaxwayvd1.mid.aib.pri:*
Content-Type
text/html;charset=utf-8
Date
Sun, 11 Aug 2024 05:01:54 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Referrer-Policy
origin
Strict-Transport-Security
max-age=15552000; includeSubDomains
main.css
api-resources-sit.aibtest.ie/assets/css/ 		169 KB
170 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://api-resources-sit.aibtest.ie/assets/css/main.css
Requested by
Host: api-resources-sit.aibtest.ie
URL: https://api-resources-sit.aibtest.ie/as/authorization.oauth2?redirect_uri=https://aib-app.development.dimply.ai/oauth2/sso/dashboard&client_id=dimply_auth&response_type=code&nonce=gFr9sBXuXjhKEBaYkKQGm9CQqQZ7N_6JxlHgynFUE4M&state=b78f41b0-da90-49f9-84ec-ce352df231ec&scope=openid%20aib_login&code_challenge=RrTHPwZsijOGKuLf1fUDIHAMZ-DMhf3N_pIaq-UZlh0&code_challenge_method=S256
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.106.144.24 Cavan, Ireland, ASN5466 (EIRCOM Internet House, IE),
Reverse DNS
Software
/
Resource Hash
98e5c5e21c76cd216b97778ee3711da0e39fdb8b6ef095bf9489fe4e98114894
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' use.typekit.net ajax.googleapis.com; style-src 'self' 'unsafe-inline' p.typekit.net use.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; img-src 'self' p.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; base-uri 'self' https://*.aibtest.ie https://*.mid.aib.pri:*; object-src 'self'; frame-ancestors 'self' https://*.aibtest.ie https://*.mid.aib.pri:* https://rhaxwayvd1.mid.aib.pri:*
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://api-resources-sit.aibtest.ie/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sun, 11 Aug 2024 05:01:54 GMT
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' use.typekit.net ajax.googleapis.com; style-src 'self' 'unsafe-inline' p.typekit.net use.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; img-src 'self' p.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; base-uri 'self' https://*.aibtest.ie https://*.mid.aib.pri:*; object-src 'self'; frame-ancestors 'self' https://*.aibtest.ie https://*.mid.aib.pri:* https://rhaxwayvd1.mid.aib.pri:*
Referrer-Policy
origin
Strict-Transport-Security
max-age=15552000; includeSubDomains
Last-Modified
Fri, 19 Jul 2024 07:32:37 GMT
Content-Type
text/css
Cache-Control
max-age=0, must-revalidate
Content-Length
173248
aib.bundle.99b61892d2fb64d0.js
api-resources-sit.aibtest.ie/assets/scripts/ 		26 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api-resources-sit.aibtest.ie/assets/scripts/aib.bundle.99b61892d2fb64d0.js
Requested by
Host: api-resources-sit.aibtest.ie
URL: https://api-resources-sit.aibtest.ie/as/authorization.oauth2?redirect_uri=https://aib-app.development.dimply.ai/oauth2/sso/dashboard&client_id=dimply_auth&response_type=code&nonce=gFr9sBXuXjhKEBaYkKQGm9CQqQZ7N_6JxlHgynFUE4M&state=b78f41b0-da90-49f9-84ec-ce352df231ec&scope=openid%20aib_login&code_challenge=RrTHPwZsijOGKuLf1fUDIHAMZ-DMhf3N_pIaq-UZlh0&code_challenge_method=S256
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.106.144.24 Cavan, Ireland, ASN5466 (EIRCOM Internet House, IE),
Reverse DNS
Software
/
Resource Hash
26842cff26b910ac5df720d945619d6b87c42feab3141da98dd1f8e59de44695
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' use.typekit.net ajax.googleapis.com; style-src 'self' 'unsafe-inline' p.typekit.net use.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; img-src 'self' p.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; base-uri 'self' https://*.aibtest.ie https://*.mid.aib.pri:*; object-src 'self'; frame-ancestors 'self' https://*.aibtest.ie https://*.mid.aib.pri:* https://rhaxwayvd1.mid.aib.pri:*
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://api-resources-sit.aibtest.ie/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sun, 11 Aug 2024 05:01:54 GMT
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' use.typekit.net ajax.googleapis.com; style-src 'self' 'unsafe-inline' p.typekit.net use.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; img-src 'self' p.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; base-uri 'self' https://*.aibtest.ie https://*.mid.aib.pri:*; object-src 'self'; frame-ancestors 'self' https://*.aibtest.ie https://*.mid.aib.pri:* https://rhaxwayvd1.mid.aib.pri:*
Referrer-Policy
origin
Strict-Transport-Security
max-age=15552000; includeSubDomains
Last-Modified
Fri, 19 Jul 2024 07:32:38 GMT
Content-Type
application/javascript
Cache-Control
max-age=31536000
Content-Length
27130
ProximaNova-Bold.otf
api-resources-sit.aibtest.ie/assets/fonts/proxima-nova/ 		62 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://api-resources-sit.aibtest.ie/assets/fonts/proxima-nova/ProximaNova-Bold.otf
Requested by
Host: api-resources-sit.aibtest.ie
URL: https://api-resources-sit.aibtest.ie/assets/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.106.144.24 Cavan, Ireland, ASN5466 (EIRCOM Internet House, IE),
Reverse DNS
Software
/
Resource Hash
b9e81a47aecd3d05445ae775f48d08b3de46b2039f1d229a58a87be194e327ec
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' use.typekit.net ajax.googleapis.com; style-src 'self' 'unsafe-inline' p.typekit.net use.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; img-src 'self' p.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; base-uri 'self' https://*.aibtest.ie https://*.mid.aib.pri:*; object-src 'self'; frame-ancestors 'self' https://*.aibtest.ie https://*.mid.aib.pri:* https://rhaxwayvd1.mid.aib.pri:*
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://api-resources-sit.aibtest.ie/
Origin
https://api-resources-sit.aibtest.ie
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sun, 11 Aug 2024 05:01:54 GMT
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' use.typekit.net ajax.googleapis.com; style-src 'self' 'unsafe-inline' p.typekit.net use.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; img-src 'self' p.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; base-uri 'self' https://*.aibtest.ie https://*.mid.aib.pri:*; object-src 'self'; frame-ancestors 'self' https://*.aibtest.ie https://*.mid.aib.pri:* https://rhaxwayvd1.mid.aib.pri:*
Referrer-Policy
origin
Strict-Transport-Security
max-age=15552000; includeSubDomains
Last-Modified
Fri, 19 Jul 2024 07:32:38 GMT
Content-Type
application/vnd.oasis.opendocument.formula-template
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, must-revalidate
Content-Length
63808
ProximaNova-Regular.otf
api-resources-sit.aibtest.ie/assets/fonts/proxima-nova/ 		61 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://api-resources-sit.aibtest.ie/assets/fonts/proxima-nova/ProximaNova-Regular.otf
Requested by
Host: api-resources-sit.aibtest.ie
URL: https://api-resources-sit.aibtest.ie/assets/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.106.144.24 Cavan, Ireland, ASN5466 (EIRCOM Internet House, IE),
Reverse DNS
Software
/
Resource Hash
2b80fbe521e07e4e84eb52e707b364c3e6c05c57e483276dc4b3be93a9794ba9
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' use.typekit.net ajax.googleapis.com; style-src 'self' 'unsafe-inline' p.typekit.net use.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; img-src 'self' p.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; base-uri 'self' https://*.aibtest.ie https://*.mid.aib.pri:*; object-src 'self'; frame-ancestors 'self' https://*.aibtest.ie https://*.mid.aib.pri:* https://rhaxwayvd1.mid.aib.pri:*
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://api-resources-sit.aibtest.ie/
Origin
https://api-resources-sit.aibtest.ie
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sun, 11 Aug 2024 05:01:54 GMT
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' use.typekit.net ajax.googleapis.com; style-src 'self' 'unsafe-inline' p.typekit.net use.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; img-src 'self' p.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; base-uri 'self' https://*.aibtest.ie https://*.mid.aib.pri:*; object-src 'self'; frame-ancestors 'self' https://*.aibtest.ie https://*.mid.aib.pri:* https://rhaxwayvd1.mid.aib.pri:*
Referrer-Policy
origin
Strict-Transport-Security
max-age=15552000; includeSubDomains
Last-Modified
Fri, 19 Jul 2024 07:32:38 GMT
Content-Type
application/vnd.oasis.opendocument.formula-template
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, must-revalidate
Content-Length
62892
ProximaNova-Semibold.otf
api-resources-sit.aibtest.ie/assets/fonts/proxima-nova/ 		62 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://api-resources-sit.aibtest.ie/assets/fonts/proxima-nova/ProximaNova-Semibold.otf
Requested by
Host: api-resources-sit.aibtest.ie
URL: https://api-resources-sit.aibtest.ie/assets/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.106.144.24 Cavan, Ireland, ASN5466 (EIRCOM Internet House, IE),
Reverse DNS
Software
/
Resource Hash
9e7ff2f279f8c497d687d1248d17e7a8c19784d945698c4bc8f9168fe9e351cb
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' use.typekit.net ajax.googleapis.com; style-src 'self' 'unsafe-inline' p.typekit.net use.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; img-src 'self' p.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; base-uri 'self' https://*.aibtest.ie https://*.mid.aib.pri:*; object-src 'self'; frame-ancestors 'self' https://*.aibtest.ie https://*.mid.aib.pri:* https://rhaxwayvd1.mid.aib.pri:*
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://api-resources-sit.aibtest.ie/
Origin
https://api-resources-sit.aibtest.ie
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sun, 11 Aug 2024 05:01:54 GMT
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' use.typekit.net ajax.googleapis.com; style-src 'self' 'unsafe-inline' p.typekit.net use.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; img-src 'self' p.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; base-uri 'self' https://*.aibtest.ie https://*.mid.aib.pri:*; object-src 'self'; frame-ancestors 'self' https://*.aibtest.ie https://*.mid.aib.pri:* https://rhaxwayvd1.mid.aib.pri:*
Referrer-Policy
origin
Strict-Transport-Security
max-age=15552000; includeSubDomains
Last-Modified
Fri, 19 Jul 2024 07:32:38 GMT
Content-Type
application/vnd.oasis.opendocument.formula-template
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, must-revalidate
Content-Length
63116
favicon.ico
api-resources-sit.aibtest.ie/ 		5 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://api-resources-sit.aibtest.ie/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.106.144.24 Cavan, Ireland, ASN5466 (EIRCOM Internet House, IE),
Reverse DNS
Software
/
Resource Hash
e91ac6061e8c59eec248c44ba2c63b34ac613775231e229cacb40c75bc048300
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' use.typekit.net ajax.googleapis.com; style-src 'self' 'unsafe-inline' p.typekit.net use.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; img-src 'self' p.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; base-uri 'self' https://*.aibtest.ie https://*.mid.aib.pri:*; object-src 'self'; frame-ancestors 'self' https://*.aibtest.ie https://*.mid.aib.pri:* https://rhaxwayvd1.mid.aib.pri:*
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://api-resources-sit.aibtest.ie/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sun, 11 Aug 2024 05:01:54 GMT
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' use.typekit.net ajax.googleapis.com; style-src 'self' 'unsafe-inline' p.typekit.net use.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; img-src 'self' p.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; base-uri 'self' https://*.aibtest.ie https://*.mid.aib.pri:*; object-src 'self'; frame-ancestors 'self' https://*.aibtest.ie https://*.mid.aib.pri:* https://rhaxwayvd1.mid.aib.pri:*
Referrer-Policy
origin
Strict-Transport-Security
max-age=15552000; includeSubDomains
Last-Modified
Fri, 19 Jul 2024 07:32:37 GMT
Content-Length
5430
Content-Type
image/x-icon

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Allied Irish Banks (Banking)

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| aib function| aibShowTsCs function| aibHideTsCs function| aibShowMoreInfo function| aibHideMoreInfo function| removeIdentifier function| showIdentifierInputBox function| selectIdentifier function| postOk function| postRegistration function| postCancel function| submitForm function| postOnReturn function| setFocus function| createCookie function| setMobile function| getScreenWidth object| bodyTag number| width

4 Cookies

Domain/Path Name / Value
api-resources-sit.aibtest.ie/ Name: PF
Value: NKAJ7aUswNmU0sPIwiS0xYjRYqUK8l8S01hdJSag807r
.api-resources-sit.aibtest.ie/ Name: TS01b2fa30
Value: 01725a5300f5746cd06d79f1a980bc8347113ac2eb01b205c7bd2cc3cc2abb01fbed472d8e50b9362728b1852efb3c2f898aed3916a2bffa4c36924003712f0c6c482d6176
api-resources-sit.aibtest.ie/ Name: register
Value: no
api-resources-sit.aibtest.ie/ Name: currenturl
Value: https://api-resources-sit.aibtest.ie/as/authorization.oauth2?redirect_uri=https://aib-app.development.dimply.ai/oauth2/sso/dashboard&client_id=dimply_auth&response_type=code&nonce=gFr9sBXuXjhKEBaYkKQGm9CQqQZ7N_6JxlHgynFUE4M&state=b78f41b0-da90-49f9-84ec-ce352df231ec&scope=openid%20aib_login&code_challenge=RrTHPwZsijOGKuLf1fUDIHAMZ-DMhf3N_pIaq-UZlh0&code_challenge_method=S256

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; script-src 'unsafe-eval' 'sha256-Ai8vXeMrERDV2mQjBsYHEpuV6HIWSMYrgE9j73Iea7c=' 'self'; style-src 'unsafe-inline' 'self'; object-src 'none'; base-uri 'self'; connect-src 'self' https://api.development.dimply.ai https://storage.googleapis.com wss://api.development.dimply.ai; font-src 'self' https://storage.googleapis.com; frame-src 'self'; img-src 'self' blob: https://storage.googleapis.com data:; manifest-src 'self'; media-src 'self'; worker-src 'none'; frame-ancestors 'none'; form-action 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff