urlscan.io logo urlscan.io
SecurityTrails logo

api-resources-sit.aibtest.ie Open in urlscan Pro
194.106.144.24  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://aib-app.development.dimply.ai/
Effective URL: https://api-resources-sit.aibtest.ie/as/authorization.oauth2?redirect_uri=https://aib-app.development.dimply.ai/oauth2/sso/dashboard&...
Submission Tags: tag
Submission: On June 04 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 13 HTTP transactions. The main IP is 194.106.144.24, located in Cavan, Ireland and belongs to EIRCOM Internet House, IE. The main domain is api-resources-sit.aibtest.ie.
TLS certificate: Issued by DigiCert EV RSA CA G2 on May 8th 2024. Valid for: 8 months.
This is the only time api-resources-sit.aibtest.ie was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Allied Irish Banks (Banking)

Domain & IP information

IP Address AS Autonomous System
6 34.107.230.186 396982 (GOOGLE-CL...)
7 194.106.144.24 5466 (EIRCOM In...)
13 2
Apex Domain
Subdomains		 Transfer
7 aibtest.ie
api-resources-sit.aibtest.ie
429 KB
6 dimply.ai
aib-app.development.dimply.ai
835 KB
13 2
Domain Requested by
7 api-resources-sit.aibtest.ie aib-app.development.dimply.ai
api-resources-sit.aibtest.ie
6 aib-app.development.dimply.ai aib-app.development.dimply.ai
13 2

This site contains links to these domains. Also see Links.

Domain
aib.ie
Subject Issuer Validity Valid
aib-app.development.dimply.ai
GTS CA 1D4		 2024-04-08 -
2024-07-07		 3 months crt.sh
api-resources-sit.aibtest.ie
DigiCert EV RSA CA G2		 2024-05-08 -
2025-01-03		 8 months crt.sh

This page contains 1 frames:

Primary Page: https://api-resources-sit.aibtest.ie/as/authorization.oauth2?redirect_uri=https://aib-app.development.dimply.ai/oauth2/sso/dashboard&client_id=dimply_auth&response_type=code&nonce=ofET6AnYP-lhbfMjo0n44y-2_IrrKTr9AESl88JP6PM&state=49303d34-3818-40eb-9099-8781cb5bf9df&scope=openid%20aib_login&code_challenge=fFKz58oDlNOu-lQSZaqkCkuK_eO-Zq2IrYQP8A_7Z9I&code_challenge_method=S256
Frame ID: F1A62867912E1D91BE66CA430B8329AB
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Log in

Page URL History Show full URLs

  1. http://aib-app.development.dimply.ai/ HTTP 307
    https://aib-app.development.dimply.ai/ Page URL
  2. https://api-resources-sit.aibtest.ie/as/authorization.oauth2?redirect_uri=https://aib-app.development.dimply.ai/o... Page URL

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

1265 kB
Transfer

3454 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://aib-app.development.dimply.ai/ HTTP 307
    https://aib-app.development.dimply.ai/ Page URL
  2. https://api-resources-sit.aibtest.ie/as/authorization.oauth2?redirect_uri=https://aib-app.development.dimply.ai/oauth2/sso/dashboard&client_id=dimply_auth&response_type=code&nonce=ofET6AnYP-lhbfMjo0n44y-2_IrrKTr9AESl88JP6PM&state=49303d34-3818-40eb-9099-8781cb5bf9df&scope=openid%20aib_login&code_challenge=fFKz58oDlNOu-lQSZaqkCkuK_eO-Zq2IrYQP8A_7Z9I&code_challenge_method=S256 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://aib-app.development.dimply.ai/ HTTP 307
  • https://aib-app.development.dimply.ai/

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
aib-app.development.dimply.ai/
Redirect Chain
  • http://aib-app.development.dimply.ai/
  • https://aib-app.development.dimply.ai/
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aib-app.development.dimply.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.230.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.230.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
629a92464dd6f669205a00c11a42430f7f8949d5f82c320d1f97206458734ce7
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'unsafe-eval' 'sha256-Ai8vXeMrERDV2mQjBsYHEpuV6HIWSMYrgE9j73Iea7c=' 'self'; style-src 'unsafe-inline' 'self'; object-src 'none'; base-uri 'self'; connect-src 'self' https://api.development.dimply.ai https://storage.googleapis.com wss://api.development.dimply.ai; font-src 'self' https://storage.googleapis.com; frame-src 'self'; img-src 'self' blob: https://storage.googleapis.com data:; manifest-src 'self'; media-src 'self'; worker-src 'none'; frame-ancestors 'none'; form-action 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=300,must-revalidate
content-encoding
gzip
content-length
597
content-security-policy
default-src 'self'; script-src 'unsafe-eval' 'sha256-Ai8vXeMrERDV2mQjBsYHEpuV6HIWSMYrgE9j73Iea7c=' 'self'; style-src 'unsafe-inline' 'self'; object-src 'none'; base-uri 'self'; connect-src 'self' https://api.development.dimply.ai https://storage.googleapis.com wss://api.development.dimply.ai; font-src 'self' https://storage.googleapis.com; frame-src 'self'; img-src 'self' blob: https://storage.googleapis.com data:; manifest-src 'self'; media-src 'self'; worker-src 'none'; frame-ancestors 'none'; form-action 'none';
content-type
text/html
date
Tue, 04 Jun 2024 05:02:32 GMT
etag
"cf46f4767cd7fbb6ee6f8d966454ea6b"
last-modified
Sun, 02 Jun 2024 20:16:15 GMT
server
UploadServer
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-goog-generation
1717359375905705
x-goog-hash
crc32c=LHD9Qw== md5=z0b0dnzX+7bub42WZFTqaw==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
597
x-guploader-uploadid
ABPtcPoZAts0ndfU60iUYI1oB5u9uY0k2URYMPeAAlIJqKPQXh2uajOW7-mXaDmljtnQkBz-bAUeouwXBA

Redirect headers

Location
https://aib-app.development.dimply.ai/
Non-Authoritative-Reason
HttpsUpgrades
index-tWcI3e2w.js
aib-app.development.dimply.ai/assets/ 		3 MB
830 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aib-app.development.dimply.ai/assets/index-tWcI3e2w.js
Requested by
Host: aib-app.development.dimply.ai
URL: https://aib-app.development.dimply.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.230.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.230.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e8dd18ff3abdfd42027bac03599d0f3196beefee8ea8ee9535f61b204750a1c1
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'unsafe-eval' 'sha256-Ai8vXeMrERDV2mQjBsYHEpuV6HIWSMYrgE9j73Iea7c=' 'self'; style-src 'unsafe-inline' 'self'; object-src 'none'; base-uri 'self'; connect-src 'self' https://api.development.dimply.ai https://storage.googleapis.com wss://api.development.dimply.ai; font-src 'self' https://storage.googleapis.com; frame-src 'self'; img-src 'self' blob: https://storage.googleapis.com data:; manifest-src 'self'; media-src 'self'; worker-src 'none'; frame-ancestors 'none'; form-action 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://aib-app.development.dimply.ai/
Origin
https://aib-app.development.dimply.ai
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 05:02:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; script-src 'unsafe-eval' 'sha256-Ai8vXeMrERDV2mQjBsYHEpuV6HIWSMYrgE9j73Iea7c=' 'self'; style-src 'unsafe-inline' 'self'; object-src 'none'; base-uri 'self'; connect-src 'self' https://api.development.dimply.ai https://storage.googleapis.com wss://api.development.dimply.ai; font-src 'self' https://storage.googleapis.com; frame-src 'self'; img-src 'self' blob: https://storage.googleapis.com data:; manifest-src 'self'; media-src 'self'; worker-src 'none'; frame-ancestors 'none'; form-action 'none';
x-guploader-uploadid
ABPtcPpNsGk5iGNr0Gjumj3VlrJvEUcxLH7O36VQZs31iXvflTg0HXK54CEMPC0l0x2kgDd-io7pi6vBbw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
849365
last-modified
Sun, 02 Jun 2024 20:16:14 GMT
server
UploadServer
etag
"f5e88ffd16d5e8ceafb2a7fff95d61e4"
vary
Accept-Encoding
x-goog-generation
1717359374678728
content-type
application/javascript
x-goog-hash
crc32c=LOYNWw==, md5=9eiP/RbV6M6vsqf/+V1h5A==
cache-control
public,max-age=3600
x-goog-stored-content-length
849365
accept-ranges
bytes
favicon.ico
aib-app.development.dimply.ai/ 		15 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://aib-app.development.dimply.ai/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.230.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.230.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'unsafe-eval' 'sha256-Ai8vXeMrERDV2mQjBsYHEpuV6HIWSMYrgE9j73Iea7c=' 'self'; style-src 'unsafe-inline' 'self'; object-src 'none'; base-uri 'self'; connect-src 'self' https://api.development.dimply.ai https://storage.googleapis.com wss://api.development.dimply.ai; font-src 'self' https://storage.googleapis.com; frame-src 'self'; img-src 'self' blob: https://storage.googleapis.com data:; manifest-src 'self'; media-src 'self'; worker-src 'none'; frame-ancestors 'none'; form-action 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://aib-app.development.dimply.ai/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 05:02:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self'; script-src 'unsafe-eval' 'sha256-Ai8vXeMrERDV2mQjBsYHEpuV6HIWSMYrgE9j73Iea7c=' 'self'; style-src 'unsafe-inline' 'self'; object-src 'none'; base-uri 'self'; connect-src 'self' https://api.development.dimply.ai https://storage.googleapis.com wss://api.development.dimply.ai; font-src 'self' https://storage.googleapis.com; frame-src 'self'; img-src 'self' blob: https://storage.googleapis.com data:; manifest-src 'self'; media-src 'self'; worker-src 'none'; frame-ancestors 'none'; form-action 'none';
x-guploader-uploadid
ABPtcPp1jF5BglatVH8Vlv2ubECPOXO-tR5jmXULaiH5FtIvr0loSS2YPzGlrpE0jqEiNEl-Yok
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3147
last-modified
Sun, 02 Jun 2024 20:16:14 GMT
server
UploadServer
etag
"c5a587451d8aee7b8369021153fd95cd"
vary
Accept-Encoding
x-goog-generation
1717359374028861
content-type
image/vnd.microsoft.icon
x-goog-hash
crc32c=fm4Trg==, md5=xaWHRR2K7nuDaQIRU/2VzQ==
cache-control
public,max-age=3600
x-goog-stored-content-length
3147
graphql
aib-app.development.dimply.ai/ 		29 B
57 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aib-app.development.dimply.ai/graphql?operationName=CurrentUser
Requested by
Host: aib-app.development.dimply.ai
URL: https://aib-app.development.dimply.ai/assets/index-tWcI3e2w.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.230.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.230.107.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none';base-uri 'self';font-src 'none';form-action 'self';frame-ancestors 'self';img-src 'none';object-src 'none';script-src 'none';script-src-attr 'none';style-src 'none';upgrade-insecure-requests;connect-src 'none'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
application/json
accept
*/*
Referer
https://aib-app.development.dimply.ai/
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'none';base-uri 'self';font-src 'none';form-action 'self';frame-ancestors 'self';img-src 'none';object-src 'none';script-src 'none';script-src-attr 'none';style-src 'none';upgrade-insecure-requests;connect-src 'none'
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
date
Tue, 04 Jun 2024 05:02:34 GMT
via
1.1 google
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
referrer-policy
same-origin
cross-origin-opener-policy
same-origin
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json;charset=utf-8
access-control-allow-origin
https://aib-app.development.dimply.ai
origin-agent-cluster
?1
access-control-expose-headers
X-GraphQL-Event-Stream
access-control-allow-credentials
true
graphql
aib-app.development.dimply.ai/ 		466 B
495 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aib-app.development.dimply.ai/graphql?operationName=PingCreateRedirectURL
Requested by
Host: aib-app.development.dimply.ai
URL: https://aib-app.development.dimply.ai/assets/index-tWcI3e2w.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.230.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.230.107.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none';base-uri 'self';font-src 'none';form-action 'self';frame-ancestors 'self';img-src 'none';object-src 'none';script-src 'none';script-src-attr 'none';style-src 'none';upgrade-insecure-requests;connect-src 'none'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
application/json
accept
*/*
Referer
https://aib-app.development.dimply.ai/oauth2/sso/dashboard
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'none';base-uri 'self';font-src 'none';form-action 'self';frame-ancestors 'self';img-src 'none';object-src 'none';script-src 'none';script-src-attr 'none';style-src 'none';upgrade-insecure-requests;connect-src 'none'
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
date
Tue, 04 Jun 2024 05:02:34 GMT
via
1.1 google
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
466
x-xss-protection
0
referrer-policy
same-origin
cross-origin-opener-policy
same-origin
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json;charset=utf-8
access-control-allow-origin
https://aib-app.development.dimply.ai
origin-agent-cluster
?1
access-control-expose-headers
X-GraphQL-Event-Stream
access-control-allow-credentials
true
favicon.ico
aib-app.development.dimply.ai/ 		15 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://aib-app.development.dimply.ai/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.230.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.230.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'unsafe-eval' 'sha256-Ai8vXeMrERDV2mQjBsYHEpuV6HIWSMYrgE9j73Iea7c=' 'self'; style-src 'unsafe-inline' 'self'; object-src 'none'; base-uri 'self'; connect-src 'self' https://api.development.dimply.ai https://storage.googleapis.com wss://api.development.dimply.ai; font-src 'self' https://storage.googleapis.com; frame-src 'self'; img-src 'self' blob: https://storage.googleapis.com data:; manifest-src 'self'; media-src 'self'; worker-src 'none'; frame-ancestors 'none'; form-action 'none';
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://aib-app.development.dimply.ai/oauth2/sso/dashboard
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 05:02:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'unsafe-eval' 'sha256-Ai8vXeMrERDV2mQjBsYHEpuV6HIWSMYrgE9j73Iea7c=' 'self'; style-src 'unsafe-inline' 'self'; object-src 'none'; base-uri 'self'; connect-src 'self' https://api.development.dimply.ai https://storage.googleapis.com wss://api.development.dimply.ai; font-src 'self' https://storage.googleapis.com; frame-src 'self'; img-src 'self' blob: https://storage.googleapis.com data:; manifest-src 'self'; media-src 'self'; worker-src 'none'; frame-ancestors 'none'; form-action 'none';
x-guploader-uploadid
ABPtcPp1jF5BglatVH8Vlv2ubECPOXO-tR5jmXULaiH5FtIvr0loSS2YPzGlrpE0jqEiNEl-Yok
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3147
last-modified
Sun, 02 Jun 2024 20:16:14 GMT
server
UploadServer
etag
"c5a587451d8aee7b8369021153fd95cd"
vary
Accept-Encoding
x-goog-generation
1717359374028861
content-type
image/vnd.microsoft.icon
x-goog-hash
crc32c=fm4Trg==, md5=xaWHRR2K7nuDaQIRU/2VzQ==
cache-control
public,max-age=3600
x-goog-stored-content-length
3147
Primary Request authorization.oauth2
api-resources-sit.aibtest.ie/as/ 		30 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://api-resources-sit.aibtest.ie/as/authorization.oauth2?redirect_uri=https://aib-app.development.dimply.ai/oauth2/sso/dashboard&client_id=dimply_auth&response_type=code&nonce=ofET6AnYP-lhbfMjo0n44y-2_IrrKTr9AESl88JP6PM&state=49303d34-3818-40eb-9099-8781cb5bf9df&scope=openid%20aib_login&code_challenge=fFKz58oDlNOu-lQSZaqkCkuK_eO-Zq2IrYQP8A_7Z9I&code_challenge_method=S256
Requested by
Host: aib-app.development.dimply.ai
URL: https://aib-app.development.dimply.ai/assets/index-tWcI3e2w.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.106.144.24 Cavan, Ireland, ASN5466 (EIRCOM Internet House, IE),
Reverse DNS
Software
/
Resource Hash
e5e854ada646803965460fdc5db4fdcdf6f6047aa8903ac911dd4009b7b53004
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' use.typekit.net ajax.googleapis.com; style-src 'self' 'unsafe-inline' p.typekit.net use.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; img-src 'self' p.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; base-uri 'self' https://*.aibtest.ie https://*.mid.aib.pri:*; object-src 'self'; frame-ancestors 'self' https://*.aibtest.ie https://*.mid.aib.pri:* https://rhaxwayvd1.mid.aib.pri:*
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://aib-app.development.dimply.ai/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-cache, no-store
Content-Length
30865
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' use.typekit.net ajax.googleapis.com; style-src 'self' 'unsafe-inline' p.typekit.net use.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; img-src 'self' p.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; base-uri 'self' https://*.aibtest.ie https://*.mid.aib.pri:*; object-src 'self'; frame-ancestors 'self' https://*.aibtest.ie https://*.mid.aib.pri:* https://rhaxwayvd1.mid.aib.pri:*
Content-Type
text/html;charset=utf-8
Date
Tue, 04 Jun 2024 05:02:34 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Referrer-Policy
origin
Strict-Transport-Security
max-age=15552000; includeSubDomains
main.css
api-resources-sit.aibtest.ie/assets/css/ 		175 KB
176 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://api-resources-sit.aibtest.ie/assets/css/main.css
Requested by
Host: api-resources-sit.aibtest.ie
URL: https://api-resources-sit.aibtest.ie/as/authorization.oauth2?redirect_uri=https://aib-app.development.dimply.ai/oauth2/sso/dashboard&client_id=dimply_auth&response_type=code&nonce=ofET6AnYP-lhbfMjo0n44y-2_IrrKTr9AESl88JP6PM&state=49303d34-3818-40eb-9099-8781cb5bf9df&scope=openid%20aib_login&code_challenge=fFKz58oDlNOu-lQSZaqkCkuK_eO-Zq2IrYQP8A_7Z9I&code_challenge_method=S256
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.106.144.24 Cavan, Ireland, ASN5466 (EIRCOM Internet House, IE),
Reverse DNS
Software
/
Resource Hash
4333863047ad2615646b242bc68a0d1cbd41e9bce9ca750135af6dc2e6951dd7
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' use.typekit.net ajax.googleapis.com; style-src 'self' 'unsafe-inline' p.typekit.net use.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; img-src 'self' p.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; base-uri 'self' https://*.aibtest.ie https://*.mid.aib.pri:*; object-src 'self'; frame-ancestors 'self' https://*.aibtest.ie https://*.mid.aib.pri:* https://rhaxwayvd1.mid.aib.pri:*
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://api-resources-sit.aibtest.ie/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 04 Jun 2024 05:02:34 GMT
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' use.typekit.net ajax.googleapis.com; style-src 'self' 'unsafe-inline' p.typekit.net use.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; img-src 'self' p.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; base-uri 'self' https://*.aibtest.ie https://*.mid.aib.pri:*; object-src 'self'; frame-ancestors 'self' https://*.aibtest.ie https://*.mid.aib.pri:* https://rhaxwayvd1.mid.aib.pri:*
Referrer-Policy
origin
Strict-Transport-Security
max-age=15552000; includeSubDomains
Last-Modified
Thu, 02 May 2024 12:50:52 GMT
Content-Type
text/css
Cache-Control
max-age=0, must-revalidate
Content-Length
179453
aib.bundle.99b61892d2fb64d0.js
api-resources-sit.aibtest.ie/assets/scripts/ 		26 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api-resources-sit.aibtest.ie/assets/scripts/aib.bundle.99b61892d2fb64d0.js
Requested by
Host: api-resources-sit.aibtest.ie
URL: https://api-resources-sit.aibtest.ie/as/authorization.oauth2?redirect_uri=https://aib-app.development.dimply.ai/oauth2/sso/dashboard&client_id=dimply_auth&response_type=code&nonce=ofET6AnYP-lhbfMjo0n44y-2_IrrKTr9AESl88JP6PM&state=49303d34-3818-40eb-9099-8781cb5bf9df&scope=openid%20aib_login&code_challenge=fFKz58oDlNOu-lQSZaqkCkuK_eO-Zq2IrYQP8A_7Z9I&code_challenge_method=S256
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.106.144.24 Cavan, Ireland, ASN5466 (EIRCOM Internet House, IE),
Reverse DNS
Software
/
Resource Hash
26842cff26b910ac5df720d945619d6b87c42feab3141da98dd1f8e59de44695
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' use.typekit.net ajax.googleapis.com; style-src 'self' 'unsafe-inline' p.typekit.net use.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; img-src 'self' p.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; base-uri 'self' https://*.aibtest.ie https://*.mid.aib.pri:*; object-src 'self'; frame-ancestors 'self' https://*.aibtest.ie https://*.mid.aib.pri:* https://rhaxwayvd1.mid.aib.pri:*
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://api-resources-sit.aibtest.ie/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 04 Jun 2024 05:02:34 GMT
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' use.typekit.net ajax.googleapis.com; style-src 'self' 'unsafe-inline' p.typekit.net use.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; img-src 'self' p.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; base-uri 'self' https://*.aibtest.ie https://*.mid.aib.pri:*; object-src 'self'; frame-ancestors 'self' https://*.aibtest.ie https://*.mid.aib.pri:* https://rhaxwayvd1.mid.aib.pri:*
Referrer-Policy
origin
Strict-Transport-Security
max-age=15552000; includeSubDomains
Last-Modified
Thu, 02 May 2024 12:50:52 GMT
Content-Type
application/javascript
Cache-Control
max-age=31536000
Content-Length
27130
ProximaNova-Bold.otf
api-resources-sit.aibtest.ie/assets/fonts/proxima-nova/ 		62 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://api-resources-sit.aibtest.ie/assets/fonts/proxima-nova/ProximaNova-Bold.otf
Requested by
Host: api-resources-sit.aibtest.ie
URL: https://api-resources-sit.aibtest.ie/assets/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.106.144.24 Cavan, Ireland, ASN5466 (EIRCOM Internet House, IE),
Reverse DNS
Software
/
Resource Hash
b9e81a47aecd3d05445ae775f48d08b3de46b2039f1d229a58a87be194e327ec
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' use.typekit.net ajax.googleapis.com; style-src 'self' 'unsafe-inline' p.typekit.net use.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; img-src 'self' p.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; base-uri 'self' https://*.aibtest.ie https://*.mid.aib.pri:*; object-src 'self'; frame-ancestors 'self' https://*.aibtest.ie https://*.mid.aib.pri:* https://rhaxwayvd1.mid.aib.pri:*
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://api-resources-sit.aibtest.ie/
Origin
https://api-resources-sit.aibtest.ie
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 04 Jun 2024 05:02:34 GMT
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' use.typekit.net ajax.googleapis.com; style-src 'self' 'unsafe-inline' p.typekit.net use.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; img-src 'self' p.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; base-uri 'self' https://*.aibtest.ie https://*.mid.aib.pri:*; object-src 'self'; frame-ancestors 'self' https://*.aibtest.ie https://*.mid.aib.pri:* https://rhaxwayvd1.mid.aib.pri:*
Referrer-Policy
origin
Strict-Transport-Security
max-age=15552000; includeSubDomains
Last-Modified
Thu, 02 May 2024 12:50:52 GMT
Content-Type
application/vnd.oasis.opendocument.formula-template
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, must-revalidate
Content-Length
63808
ProximaNova-Regular.otf
api-resources-sit.aibtest.ie/assets/fonts/proxima-nova/ 		61 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://api-resources-sit.aibtest.ie/assets/fonts/proxima-nova/ProximaNova-Regular.otf
Requested by
Host: api-resources-sit.aibtest.ie
URL: https://api-resources-sit.aibtest.ie/assets/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.106.144.24 Cavan, Ireland, ASN5466 (EIRCOM Internet House, IE),
Reverse DNS
Software
/
Resource Hash
2b80fbe521e07e4e84eb52e707b364c3e6c05c57e483276dc4b3be93a9794ba9
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' use.typekit.net ajax.googleapis.com; style-src 'self' 'unsafe-inline' p.typekit.net use.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; img-src 'self' p.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; base-uri 'self' https://*.aibtest.ie https://*.mid.aib.pri:*; object-src 'self'; frame-ancestors 'self' https://*.aibtest.ie https://*.mid.aib.pri:* https://rhaxwayvd1.mid.aib.pri:*
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://api-resources-sit.aibtest.ie/
Origin
https://api-resources-sit.aibtest.ie
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 04 Jun 2024 05:02:34 GMT
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' use.typekit.net ajax.googleapis.com; style-src 'self' 'unsafe-inline' p.typekit.net use.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; img-src 'self' p.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; base-uri 'self' https://*.aibtest.ie https://*.mid.aib.pri:*; object-src 'self'; frame-ancestors 'self' https://*.aibtest.ie https://*.mid.aib.pri:* https://rhaxwayvd1.mid.aib.pri:*
Referrer-Policy
origin
Strict-Transport-Security
max-age=15552000; includeSubDomains
Last-Modified
Thu, 02 May 2024 12:50:52 GMT
Content-Type
application/vnd.oasis.opendocument.formula-template
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, must-revalidate
Content-Length
62892
ProximaNova-Semibold.otf
api-resources-sit.aibtest.ie/assets/fonts/proxima-nova/ 		62 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://api-resources-sit.aibtest.ie/assets/fonts/proxima-nova/ProximaNova-Semibold.otf
Requested by
Host: api-resources-sit.aibtest.ie
URL: https://api-resources-sit.aibtest.ie/assets/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.106.144.24 Cavan, Ireland, ASN5466 (EIRCOM Internet House, IE),
Reverse DNS
Software
/
Resource Hash
9e7ff2f279f8c497d687d1248d17e7a8c19784d945698c4bc8f9168fe9e351cb
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' use.typekit.net ajax.googleapis.com; style-src 'self' 'unsafe-inline' p.typekit.net use.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; img-src 'self' p.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; base-uri 'self' https://*.aibtest.ie https://*.mid.aib.pri:*; object-src 'self'; frame-ancestors 'self' https://*.aibtest.ie https://*.mid.aib.pri:* https://rhaxwayvd1.mid.aib.pri:*
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://api-resources-sit.aibtest.ie/
Origin
https://api-resources-sit.aibtest.ie
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 04 Jun 2024 05:02:34 GMT
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' use.typekit.net ajax.googleapis.com; style-src 'self' 'unsafe-inline' p.typekit.net use.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; img-src 'self' p.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; base-uri 'self' https://*.aibtest.ie https://*.mid.aib.pri:*; object-src 'self'; frame-ancestors 'self' https://*.aibtest.ie https://*.mid.aib.pri:* https://rhaxwayvd1.mid.aib.pri:*
Referrer-Policy
origin
Strict-Transport-Security
max-age=15552000; includeSubDomains
Last-Modified
Thu, 02 May 2024 12:50:52 GMT
Content-Type
application/vnd.oasis.opendocument.formula-template
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, must-revalidate
Content-Length
63116
favicon.ico
api-resources-sit.aibtest.ie/ 		5 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://api-resources-sit.aibtest.ie/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.106.144.24 Cavan, Ireland, ASN5466 (EIRCOM Internet House, IE),
Reverse DNS
Software
/
Resource Hash
e91ac6061e8c59eec248c44ba2c63b34ac613775231e229cacb40c75bc048300
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' use.typekit.net ajax.googleapis.com; style-src 'self' 'unsafe-inline' p.typekit.net use.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; img-src 'self' p.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; base-uri 'self' https://*.aibtest.ie https://*.mid.aib.pri:*; object-src 'self'; frame-ancestors 'self' https://*.aibtest.ie https://*.mid.aib.pri:* https://rhaxwayvd1.mid.aib.pri:*
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://api-resources-sit.aibtest.ie/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 04 Jun 2024 05:02:34 GMT
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' use.typekit.net ajax.googleapis.com; style-src 'self' 'unsafe-inline' p.typekit.net use.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; img-src 'self' p.typekit.net https://*.aibtest.ie https://*.mid.aib.pri:*; base-uri 'self' https://*.aibtest.ie https://*.mid.aib.pri:*; object-src 'self'; frame-ancestors 'self' https://*.aibtest.ie https://*.mid.aib.pri:* https://rhaxwayvd1.mid.aib.pri:*
Referrer-Policy
origin
Strict-Transport-Security
max-age=15552000; includeSubDomains
Last-Modified
Thu, 02 May 2024 12:50:52 GMT
Content-Length
5430
Content-Type
image/x-icon

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Allied Irish Banks (Banking)

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| aib function| aibShowTsCs function| aibHideTsCs function| aibShowMoreInfo function| aibHideMoreInfo function| removeIdentifier function| showIdentifierInputBox function| selectIdentifier function| postOk function| postRegistration function| postCancel function| submitForm function| postOnReturn function| setFocus function| createCookie function| setMobile function| getScreenWidth object| bodyTag number| width

4 Cookies

Domain/Path Name / Value
api-resources-sit.aibtest.ie/ Name: PF
Value: BxWv6Kd0oBsgP9hNfxVuzVQ2VCMCsNYtecqa1RG1lf6h
.api-resources-sit.aibtest.ie/ Name: TS01b2fa30
Value: 01725a53009f2e7fbcdd4c2b824e7dadc9f47cefadea1642aa4428fcc595600a1fd51f6fcd9829cb5459b331a3589ed372e82c8c23148f4c0e29e7b45c835736e943778152
api-resources-sit.aibtest.ie/ Name: register
Value: no
api-resources-sit.aibtest.ie/ Name: currenturl
Value: https://api-resources-sit.aibtest.ie/as/authorization.oauth2?redirect_uri=https://aib-app.development.dimply.ai/oauth2/sso/dashboard&client_id=dimply_auth&response_type=code&nonce=ofET6AnYP-lhbfMjo0n44y-2_IrrKTr9AESl88JP6PM&state=49303d34-3818-40eb-9099-8781cb5bf9df&scope=openid%20aib_login&code_challenge=fFKz58oDlNOu-lQSZaqkCkuK_eO-Zq2IrYQP8A_7Z9I&code_challenge_method=S256

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; script-src 'unsafe-eval' 'sha256-Ai8vXeMrERDV2mQjBsYHEpuV6HIWSMYrgE9j73Iea7c=' 'self'; style-src 'unsafe-inline' 'self'; object-src 'none'; base-uri 'self'; connect-src 'self' https://api.development.dimply.ai https://storage.googleapis.com wss://api.development.dimply.ai; font-src 'self' https://storage.googleapis.com; frame-src 'self'; img-src 'self' blob: https://storage.googleapis.com data:; manifest-src 'self'; media-src 'self'; worker-src 'none'; frame-ancestors 'none'; form-action 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff