![](/screenshots/f81e7f52-92ea-44ea-a91c-72d18cb08426.png)
ai.diisvida.top (173.254.247.86) - Malicious Activity!
Public Scan
Effective URL: https://ai.diisvida.top/
Submission: On June 15 via api from GB — Scanned from GB
Summary
TLS certificate: Issued by R3 on June 9th 2023. Valid for: 3 months.
This is the only time ai.diisvida.top was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Allied Irish Banks (Banking)
Domain & IP information
Requests | IP Address | AS (Autonomous System)
---|---|---
1 | |
9 | 173.254.247.86 | 8100 (ASN-QUADRANET-GLOBAL)
16 | 194.69.198.194 | 16282 (AIB-AS-1)
4 | 2a00:1450:4001:808::2008 | 15169 (GOOGLE)
1 | 2a00:1450:4001:810::200e | 15169 (GOOGLE)
1 | 2a04:4e42:600::485 | 54113 (FASTLY)
1 | 18.66.92.74 | 16509 (AMAZON-02)
1 | 35.71.131.224 | 16509 (AMAZON-02)
35 | 8 |
- ASN8100 (ASN-QUADRANET-GLOBAL, US), PTR: 173.254.247.86.static.hostdare.com: ai.diisvida.top
- ASN15169 (GOOGLE, US): www.googletagmanager.com
- ASN15169 (GOOGLE, US): www.google-analytics.com
- ASN16509 (AMAZON-02, US), PTR: server-18-66-92-74.fra56.r.cloudfront.net: d1mj578wat5n4o.cloudfront.net
- ASN16509 (AMAZON-02, US), PTR: aedf60d16a50bb347.awsglobalaccelerator.com: api.boxever.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
16 | aib.ie | aib.ie — Cisco Umbrella Rank: 255757 |
9 | diisvida.top | ai.diisvida.top (1 redirect) | 397 KB
4 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 82 | 314 KB
1 | boxever.com | api.boxever.com — Cisco Umbrella Rank: 47881 | 312 B
1 | cloudfront.net | d1mj578wat5n4o.cloudfront.net | 8 KB
1 | jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 379 | 24 KB
1 | google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 60 | 21 KB
35 | 7 | |
Requests | Domain | Requested by
---|---|---
16 | aib.ie | ai.diisvida.top
9 | ai.diisvida.top (1 redirect) | ai.diisvida.top
4 | www.googletagmanager.com | ai.diisvida.top
1 | api.boxever.com | d1mj578wat5n4o.cloudfront.net
1 | d1mj578wat5n4o.cloudfront.net | ai.diisvida.top
1 | cdn.jsdelivr.net | ai.diisvida.top
1 | www.google-analytics.com | ai.diisvida.top
35 | 7 |
This site contains links to these domains. Also see Links.
Domain |
---|
aib.ie |
personal.aib.ie |
www.aib.ie |
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
ai.diisvida.top | R3 | 2023-06-09 - 2023-09-07 | 3 months | crt.sh
aib.ie | DigiCert EV RSA CA G2 | 2022-06-27 - 2023-07-06 | a year | crt.sh
*.google-analytics.com | GTS CA 1C3 | 2023-05-22 - 2023-08-14 | 3 months | crt.sh
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2022 Q4 | 2022-12-23 - 2024-01-24 | a year | crt.sh
*.cloudfront.net | Amazon RSA 2048 M01 | 2022-12-08 - 2023-12-07 | a year | crt.sh
*.boxever.com | Amazon RSA 2048 M01 | 2023-04-02 - 2024-05-01 | a year | crt.sh
This page contains 1 frames:
Primary Page:
https://ai.diisvida.top/
Frame ID: DAA9A193F84F703EF46F81887D866499
Requests: 35 HTTP requests in this frame
Page Title
AIB Internet Banking
Detected technologies
- Bootstrap. Detected patterns:
  - bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
- Google Analytics (name inferred from the pattern). Detected patterns:
  - google-analytics\.com/(?:ga|urchin|analytics)\.js
- Google Tag Manager. Detected patterns:
  - googletagmanager\.com/gtm\.js
  - googletagmanager\.com/gtag/js
- jQuery (name inferred from the pattern). Detected patterns:
  - jquery[.-]([\d.]*\d)[^/]*\.js
  - jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
- jQuery UI (name inferred from the pattern). Detected patterns:
  - jquery-ui[.-]([\d.]*\d)[^/]*\.js
  - jquery-ui.*\.js
- jsDelivr (name inferred from the pattern). Detected patterns:
  - //cdn\.jsdelivr\.net/
Page Statistics
9 Outgoing links
These are links going to different origins than the main page.
- Title: Register for Internet Banking
- Title: Forgotten Registration Number?
- Title: Security Centre
- (no title)
- (no title)
- Title: Cookie Policy
- Title: Privacy Statement
- Title: Security Policy
- Title: Terms & Conditions
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://ai.diisvida.top/ (HTTP 301)
- https://ai.diisvida.top/ (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
35 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | / (Primary Request) | ai.diisvida.top/ (Redirect Chain) | 248 KB | 42 KB | Document | text/html
GET | H/1.1 | jquery-ui-1.12.1.custom.css | aib.ie/common/css/ | 0 | 0 | Stylesheet | text/html
GET | | aspira-bold-webfont.woff | aib.ie/etc.clientlibs/frontdoor/clientlibs/resources/fonts/ | 0 | 0 | |
GET | | aspira-demi-webfont.woff | aib.ie/etc.clientlibs/frontdoor/clientlibs/resources/fonts/ | 0 | 0 | |
GET | | aspira-regular-webfont.woff | aib.ie/etc.clientlibs/frontdoor/clientlibs/resources/fonts/ | 0 | 0 | |
GET | H/1.1 | aib-icons.css | aib.ie/common/css/ | 0 | 0 | Stylesheet | text/html
GET | H/1.1 | core.css | aib.ie/roi-desktop/css/ | 0 | 0 | Stylesheet | text/html
GET | H2 | js | www.googletagmanager.com/gtag/ | 258 KB | 88 KB | Script | application/javascript
GET | H2 | analytics.js | www.google-analytics.com/ | 51 KB | 21 KB | Script | text/javascript
GET | H2 | gtm.js | www.googletagmanager.com/ | 161 KB | 58 KB | Script | application/javascript
GET | H2 | gtm.js | www.googletagmanager.com/ | 220 KB | 75 KB | Script | application/javascript
GET | H2 | gtm.js | www.googletagmanager.com/ | 315 KB | 94 KB | Script | application/javascript
GET | H/1.1 | jquery-3.5.0.js | aib.ie/common/javascript/ | 0 | 0 | Script | text/html
GET | H/1.1 | jquery.browser.js | aib.ie/common/javascript/ | 0 | 0 | Script | text/html
GET | H/1.1 | jquery-ui-1.12.1.custom.js | aib.ie/common/javascript/ | 0 | 0 | Script | text/html
GET | H/1.1 | jquery.blockUI.js | aib.ie/common/javascript/ | 0 | 0 | Script | text/html
GET | H/1.1 | jquery.spin.js | aib.ie/roi-common/javascript/libs/ | 0 | 0 | Script | text/html
GET | H/1.1 | librariesExtensions.js | aib.ie/roi-common/javascript/aib/ | 0 | 0 | Script | text/html
GET | H/1.1 | ibank-devices.js | aib.ie/roi-common/javascript/aib/ | 0 | 0 | Script | text/html
GET | H/1.1 | common.js | aib.ie/roi-common/javascript/aib/ | 0 | 0 | Script | text/html
GET | H/1.1 | ibank.js | aib.ie/roi-common/javascript/aib/ | 0 | 0 | Script | text/html
GET | H/1.1 | common-init.js | aib.ie/roi-common/javascript/aib/ | 0 | 0 | Script | text/html
GET | H/1.1 | ibank-init.js | aib.ie/roi-desktop/javascript/ | 0 | 0 | Script | text/html
GET | H/1.1 | ibank-expand-radios.js | aib.ie/roi-desktop/javascript/ | 0 | 0 | Script | text/html
GET | H/1.1 | gtm-custom.js | aib.ie/roi-desktop/javascript/ | 0 | 0 | Script | text/html
GET | H2 | purple-logo.png | ai.diisvida.top/images/ | 4 KB | 4 KB | Image | image/png
GET | H2 | year-end-notice.png | ai.diisvida.top/images/ | 27 KB | 27 KB | Image | image/png
GET | H2 | lost-stolen-int-new.png | ai.diisvida.top/images/ | 169 KB | 169 KB | Image | image/png
GET | H2 | bootstrap.bundle.min.js | cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/ | 77 KB | 24 KB | Script | application/javascript
GET | H2 | landing_screen_bg.png | ai.diisvida.top/images/ | 148 KB | 149 KB | Image | image/png
GET | H2 | icon_user.png | ai.diisvida.top/images/ | 3 KB | 3 KB | Image | image/png
GET | H2 | icon_fraud_alert.png | ai.diisvida.top/images/ | 913 B | 984 B | Image | image/png
GET | H2 | icon_security.png | ai.diisvida.top/images/ | 2 KB | 2 KB | Image | image/png
GET | H/1.1 | boxever-1.4.6.min.js | d1mj578wat5n4o.cloudfront.net/ | 24 KB | 8 KB | Script | application/x-javascript
GET | H2 | create.json | api.boxever.com/v1.2/browser/ | 202 B | 312 B | Script | application/json
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- aib.ie: https://aib.ie/etc.clientlibs/frontdoor/clientlibs/resources/fonts/aspira-bold-webfont.woff
- aib.ie: https://aib.ie/etc.clientlibs/frontdoor/clientlibs/resources/fonts/aspira-demi-webfont.woff
- aib.ie: https://aib.ie/etc.clientlibs/frontdoor/clientlibs/resources/fonts/aspira-regular-webfont.woff
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Allied Irish Banks (Banking)
34 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Name | Type
---|---
credentialless | boolean
onbeforetoggle | object
onscrollend | object
aib | object
dataLayer | object
uidEvent | number
bootstrap | object
google_tag_data | object
ga | function
gaplugins | object
google_tag_manager | object
onYouTubeIframeAPIReady | function
postscribe | function
google_tag_manager_external | object
Boxever_Client_Key | string
_boxever_settings | object
_boxever_parameters | object
_boxever_utils | object
BoxeverStorage | object
initBoxeverStorage | function
BoxeverXML | object
BoxeverJSONP | object
BoxeverJERS | object
_boxever_error_service | object
BoxeverCrossDomain | object
_boxeverq | object
__boxever | function
Boxever | object
_boxever | object
validateSettings | function
initSettings | function
boxeverInit | function
__boxeverQueue | function
$1 | object
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
ai.diisvida.top/ | | PHPSESSID | jvm1597o3k734urb52tfl6dgmt
19 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.