www.aissglobal.net Open in urlscan Pro
192.185.184.92 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://rebrand.ly/c161e
Effective URL:
https://www.aissglobal.net/citizens/login.php?cmd=login_submit&id=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a68...
Submission: On June 18 via manual (June 18th 2020, 3:17:23 pm UTC) from GB

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 4 domains to perform 16 HTTP transactions. The main IP is 192.185.184.92, located in Houston, United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is www.aissglobal.net.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 28th 2020. Valid for: 3 months.

This is the only time www.aissglobal.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Citizens Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.208.128.113 3.208.128.113	14618 (AMAZON-AES) (AMAZON-AES)
1 15	192.185.184.92 192.185.184.92	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	54.148.84.95 54.148.84.95	16509 (AMAZON-02) (AMAZON-02)
1 2	192.186.220.3 192.186.220.3	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
16	3

1 3.208.128.113 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-128-113.compute-1.amazonaws.com

rebrand.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 192.185.184.92 (Houston, United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 192-185-184-92.unifiedlayer.com

www.aissglobal.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.148.84.95 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-148-84-95.us-west-2.compute.amazonaws.com

www.sitepoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.186.220.3 (Scottsdale, United States) 1 redirects

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-192-186-220-3.ip.secureserver.net

csscheckbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.csscheckbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	aissglobal.net 1 redirects www.aissglobal.net	104 KB
2	csscheckbox.com 1 redirects csscheckbox.com www.csscheckbox.com	1 KB
1	sitepoint.com www.sitepoint.com
1	rebrand.ly 1 redirects rebrand.ly	260 B
16	4

	Domain	Requested by
15	www.aissglobal.net	1 redirects www.aissglobal.net
1	www.csscheckbox.com	www.aissglobal.net
1	csscheckbox.com	1 redirects
1	www.sitepoint.com	www.aissglobal.net
1	rebrand.ly	1 redirects
16	5

This site contains no links.

Subject Issuer	Validity	Valid
cpanel.aissglobal.net Let's Encrypt Authority X3	`2020-05-28` - `2020-08-26`	3 months	crt.sh
www.sitepoint.com Let's Encrypt Authority X3	`2020-06-03` - `2020-09-01`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.aissglobal.net/citizens/login.php?cmd=login_submit&id=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce&session=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce
Frame ID: B72A03E2161F415C820C88B34331605D
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://rebrand.ly/c161e HTTP 301
https://www.aissglobal.net/citizens/index.php HTTP 302
https://www.aissglobal.net/citizens/login.php?cmd=login_submit&id=98084bb09d8afb699ec381a6801100ce98084... Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

16
Requests

94 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

3
IPs

1
Countries

105 kB
Transfer

107 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://rebrand.ly/c161e HTTP 301
https://www.aissglobal.net/citizens/index.php HTTP 302
https://www.aissglobal.net/citizens/login.php?cmd=login_submit&id=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce&session=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

http://csscheckbox.com/checkboxes/u/csscheckbox_2fb20e2964452924671ef46d2a211611.png HTTP 301
http://www.csscheckbox.com/checkboxes/u/csscheckbox_2fb20e2964452924671ef46d2a211611.png

16 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request login.php Show response www.aissglobal.net/citizens/ Redirect Chain http://rebrand.ly/c161e https://www.aissglobal.net/citizens/index.php https://www.aissglobal.net/citizens/login.php?cmd=login_submit&id=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce&session=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a680...	6 KB 2 KB	217ms 217ms	Document text/html	192.185.184.92 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://www.aissglobal.net/citizens/login.php?cmd=login_submit&id=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce&session=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.184.92 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-185-184-92.unifiedlayer.com Software Apache / Resource Hash `f3ac24fdf6acb85453a2fd04898ceb1479e0c56e04134418a84fe450d3fe7710` Request headers :method GET :authority www.aissglobal.net :scheme https :path /citizens/login.php?cmd=login_submit&id=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce&session=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Thu, 18 Jun 2020 15:17:05 GMT server Apache vary Accept-Encoding,User-Agent content-encoding gzip content-length 2097 content-type text/html Redirect headers status 302 date Thu, 18 Jun 2020 15:17:05 GMT server Apache location login.php?cmd=login_submit&id=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce&session=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce vary User-Agent content-length 0 content-type text/html
GET H/1.1	404 Not Found	MaskedPassword.js www.sitepoint.com/examples/password/MaskedPassword/	0 0	951ms 376ms	Script text/html	54.148.84.95 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.sitepoint.com/examples/password/MaskedPassword/MaskedPassword.js Requested by Host: www.aissglobal.net URL: https://www.aissglobal.net/citizens/login.php?cmd=login_submit&id=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce&session=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 54.148.84.95 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-148-84-95.us-west-2.compute.amazonaws.com Software / Resource Hash Request headers Referer https://www.aissglobal.net/citizens/login.php?cmd=login_submit&id=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce&session=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers
GET H2	200	z1.png www.aissglobal.net/citizens/images/	4 KB 4 KB	138ms 137ms	Image image/png	192.185.184.92 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://www.aissglobal.net/citizens/images/z1.png Requested by Host: www.aissglobal.net URL: https://www.aissglobal.net/citizens/login.php?cmd=login_submit&id=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce&session=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.184.92 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-185-184-92.unifiedlayer.com Software Apache / Resource Hash `c6ac02f61d10b6326c9253dbc562a9eec581d8ae6063327ca353228d5babe84e` Request headers Referer https://www.aissglobal.net/citizens/login.php?cmd=login_submit&id=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce&session=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 18 Jun 2020 15:17:05 GMT last-modified Wed, 09 Aug 2017 04:29:36 GMT server Apache vary User-Agent content-type image/png status 200 accept-ranges bytes content-length 3936
GET H2	200	z2.png www.aissglobal.net/citizens/images/	18 KB 18 KB	137ms 137ms	Image image/png	192.185.184.92 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://www.aissglobal.net/citizens/images/z2.png Requested by Host: www.aissglobal.net URL: https://www.aissglobal.net/citizens/login.php?cmd=login_submit&id=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce&session=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.184.92 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-185-184-92.unifiedlayer.com Software Apache / Resource Hash `8346d540806c29a81e167a4b84cc1e205244ed38c15605a5923c0708d4e972ef` Request headers Referer https://www.aissglobal.net/citizens/login.php?cmd=login_submit&id=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce&session=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 18 Jun 2020 15:17:05 GMT last-modified Wed, 09 Aug 2017 04:30:08 GMT server Apache vary User-Agent content-type image/png status 200 accept-ranges bytes content-length 18496
GET H2	200	z3.png www.aissglobal.net/citizens/images/	19 KB 19 KB	137ms 137ms	Image image/png	192.185.184.92 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://www.aissglobal.net/citizens/images/z3.png Requested by Host: www.aissglobal.net URL: https://www.aissglobal.net/citizens/login.php?cmd=login_submit&id=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce&session=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.184.92 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-185-184-92.unifiedlayer.com Software Apache / Resource Hash `c359d1a0aa35ca536c18ccdc30205dd47115ba526ceb7bea0dbd22c89861dc79` Request headers Referer https://www.aissglobal.net/citizens/login.php?cmd=login_submit&id=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce&session=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 18 Jun 2020 15:17:06 GMT last-modified Wed, 09 Aug 2017 04:30:28 GMT server Apache vary User-Agent content-type image/png status 200 accept-ranges bytes content-length 19129
GET H2	200	z4.png www.aissglobal.net/citizens/images/	737 B 791 B	137ms 137ms	Image image/png	192.185.184.92 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://www.aissglobal.net/citizens/images/z4.png Requested by Host: www.aissglobal.net URL: https://www.aissglobal.net/citizens/login.php?cmd=login_submit&id=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce&session=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.184.92 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-185-184-92.unifiedlayer.com Software Apache / Resource Hash `6c44b0a1595cd78548468a750caf2fb0481fa3646c9bbc746565fbe096b11b48` Request headers Referer https://www.aissglobal.net/citizens/login.php?cmd=login_submit&id=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce&session=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 18 Jun 2020 15:17:06 GMT last-modified Wed, 09 Aug 2017 04:30:48 GMT server Apache vary User-Agent content-type image/png status 200 accept-ranges bytes content-length 737
GET H2	200	z5.png www.aissglobal.net/citizens/images/	688 B 742 B	137ms 137ms	Image image/png	192.185.184.92 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://www.aissglobal.net/citizens/images/z5.png Requested by Host: www.aissglobal.net URL: https://www.aissglobal.net/citizens/login.php?cmd=login_submit&id=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce&session=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.184.92 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-185-184-92.unifiedlayer.com Software Apache / Resource Hash `076464d7fafd7ef34deaf13c9752d75ed5e3a28e261c9d7a80c86596ef1f3961` Request headers Referer https://www.aissglobal.net/citizens/login.php?cmd=login_submit&id=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce&session=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 18 Jun 2020 15:17:06 GMT last-modified Wed, 09 Aug 2017 04:31:04 GMT server Apache vary User-Agent content-type image/png status 200 accept-ranges bytes content-length 688
GET H2	200	z6.png www.aissglobal.net/citizens/images/	686 B 740 B	137ms 137ms	Image image/png	192.185.184.92 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://www.aissglobal.net/citizens/images/z6.png Requested by Host: www.aissglobal.net URL: https://www.aissglobal.net/citizens/login.php?cmd=login_submit&id=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce&session=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.184.92 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-185-184-92.unifiedlayer.com Software Apache / Resource Hash `6cc11e76134c6eba98b5c43eb6aa1c87648652719dcbe68f89d8392442377698` Request headers Referer https://www.aissglobal.net/citizens/login.php?cmd=login_submit&id=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce&session=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 18 Jun 2020 15:17:06 GMT last-modified Wed, 09 Aug 2017 04:31:20 GMT server Apache vary User-Agent content-type image/png status 200 accept-ranges bytes content-length 686
GET H2	200	z7.png www.aissglobal.net/citizens/images/	577 B 631 B	137ms 137ms	Image image/png	192.185.184.92 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://www.aissglobal.net/citizens/images/z7.png Requested by Host: www.aissglobal.net URL: https://www.aissglobal.net/citizens/login.php?cmd=login_submit&id=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce&session=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.184.92 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-185-184-92.unifiedlayer.com Software Apache / Resource Hash `5164c6aa37bb3ec8a3dc6c80d40f2ca48216697cbce8f16fee42936940b49f13` Request headers Referer https://www.aissglobal.net/citizens/login.php?cmd=login_submit&id=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce&session=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 18 Jun 2020 15:17:06 GMT last-modified Wed, 09 Aug 2017 04:31:38 GMT server Apache vary User-Agent content-type image/png status 200 accept-ranges bytes content-length 577
GET H2	200	z8.png www.aissglobal.net/citizens/images/	4 KB 4 KB	139ms 137ms	Image image/png	192.185.184.92 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://www.aissglobal.net/citizens/images/z8.png Requested by Host: www.aissglobal.net URL: https://www.aissglobal.net/citizens/login.php?cmd=login_submit&id=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce&session=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.184.92 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-185-184-92.unifiedlayer.com Software Apache / Resource Hash `7aaf0727af0053c418ddeb03f0186f24fd20b6f18a1ebf34b88bedcc835f049d` Request headers Referer https://www.aissglobal.net/citizens/login.php?cmd=login_submit&id=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce&session=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 18 Jun 2020 15:17:06 GMT last-modified Wed, 09 Aug 2017 04:32:50 GMT server Apache vary User-Agent content-type image/png status 200 accept-ranges bytes content-length 4319
GET H2	200	z9.png www.aissglobal.net/citizens/images/	23 KB 23 KB	140ms 138ms	Image image/png	192.185.184.92 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://www.aissglobal.net/citizens/images/z9.png Requested by Host: www.aissglobal.net URL: https://www.aissglobal.net/citizens/login.php?cmd=login_submit&id=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce&session=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.184.92 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-185-184-92.unifiedlayer.com Software Apache / Resource Hash `b478be320202361c96800e666cfed9582a38a8e77b03bc09b723231ede682f1f` Request headers Referer https://www.aissglobal.net/citizens/login.php?cmd=login_submit&id=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce&session=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 18 Jun 2020 15:17:06 GMT last-modified Wed, 09 Aug 2017 04:34:08 GMT server Apache vary User-Agent content-type image/png status 200 accept-ranges bytes content-length 23821
GET H2	200	z10.png www.aissglobal.net/citizens/images/	10 KB 11 KB	139ms 137ms	Image image/png	192.185.184.92 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://www.aissglobal.net/citizens/images/z10.png Requested by Host: www.aissglobal.net URL: https://www.aissglobal.net/citizens/login.php?cmd=login_submit&id=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce&session=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.184.92 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-185-184-92.unifiedlayer.com Software Apache / Resource Hash `daffad3ff1a25ead299f198b1b57dec13d2dc06ba56c8ac21c0afbeb84554ea3` Request headers Referer https://www.aissglobal.net/citizens/login.php?cmd=login_submit&id=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce&session=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 18 Jun 2020 15:17:06 GMT last-modified Wed, 09 Aug 2017 04:34:26 GMT server Apache vary User-Agent content-type image/png status 200 accept-ranges bytes content-length 10686
GET H2	200	z11.png www.aissglobal.net/citizens/images/	4 KB 4 KB	139ms 137ms	Image image/png	192.185.184.92 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://www.aissglobal.net/citizens/images/z11.png Requested by Host: www.aissglobal.net URL: https://www.aissglobal.net/citizens/login.php?cmd=login_submit&id=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce&session=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.184.92 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-185-184-92.unifiedlayer.com Software Apache / Resource Hash `240508f03fb9c72d4b544afabf9d9b936d6af5bf276a96cf2f7630f38120ec92` Request headers Referer https://www.aissglobal.net/citizens/login.php?cmd=login_submit&id=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce&session=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 18 Jun 2020 15:17:06 GMT last-modified Wed, 09 Aug 2017 04:34:36 GMT server Apache vary User-Agent content-type image/png status 200 accept-ranges bytes content-length 4208
GET H2	200	z12.png www.aissglobal.net/citizens/images/	13 KB 14 KB	139ms 138ms	Image image/png	192.185.184.92 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://www.aissglobal.net/citizens/images/z12.png Requested by Host: www.aissglobal.net URL: https://www.aissglobal.net/citizens/login.php?cmd=login_submit&id=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce&session=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.184.92 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-185-184-92.unifiedlayer.com Software Apache / Resource Hash `d08df55cb16dad2a48cbbd7c55179ca43aaa81b08fe330203a004de97b1e4e7a` Request headers Referer https://www.aissglobal.net/citizens/login.php?cmd=login_submit&id=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce&session=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 18 Jun 2020 15:17:06 GMT last-modified Wed, 09 Aug 2017 04:35:10 GMT server Apache vary User-Agent content-type image/png status 200 accept-ranges bytes content-length 13787
GET H2	200	accept.png www.aissglobal.net/citizens/images/	2 KB 2 KB	139ms 137ms	Image image/png	192.185.184.92 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://www.aissglobal.net/citizens/images/accept.png Requested by Host: www.aissglobal.net URL: https://www.aissglobal.net/citizens/login.php?cmd=login_submit&id=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce&session=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.184.92 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-185-184-92.unifiedlayer.com Software Apache / Resource Hash `04143dde1184ca73b6bb0de2686eeb9584e9dd0451e6dc6dd30a48815c76c7a4` Request headers Referer https://www.aissglobal.net/citizens/login.php?cmd=login_submit&id=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce&session=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 18 Jun 2020 15:17:06 GMT last-modified Wed, 09 Aug 2017 04:32:26 GMT server Apache vary User-Agent content-type image/png status 200 accept-ranges bytes content-length 1579
GET H/1.1	200 OK	csscheckbox_2fb20e2964452924671ef46d2a211611.png www.csscheckbox.com/checkboxes/u/ Redirect Chain http://csscheckbox.com/checkboxes/u/csscheckbox_2fb20e2964452924671ef46d2a211611.png http://www.csscheckbox.com/checkboxes/u/csscheckbox_2fb20e2964452924671ef46d2a211611.png	493 B 833 B	342ms 325ms	Image image/png	192.186.220.3 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL http://www.csscheckbox.com/checkboxes/u/csscheckbox_2fb20e2964452924671ef46d2a211611.png Requested by Host: www.aissglobal.net URL: https://www.aissglobal.net/citizens/login.php?cmd=login_submit&id=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce&session=98084bb09d8afb699ec381a6801100ce98084bb09d8afb699ec381a6801100ce Protocol HTTP/1.1 Server 192.186.220.3 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-192-186-220-3.ip.secureserver.net Software Apache / Resource Hash `37c6622bba59bd0f8c82fa6ca5879c6c0890963abb59ce4bc6d17a5ffcb71bf6` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 18 Jun 2020 15:17:07 GMT Last-Modified Tue, 08 Aug 2017 19:55:58 GMT Server Apache Upgrade h2,h2c Cache-Control max-age=31557600, public Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type image/png Keep-Alive timeout=5 Content-Length 493 Expires Fri, 18 Jun 2021 15:17:07 GMT Redirect headers Date Thu, 18 Jun 2020 15:17:06 GMT Server Apache Content-Type text/html; charset=iso-8859-1 Location http://www.csscheckbox.com/checkboxes/u/csscheckbox_2fb20e2964452924671ef46d2a211611.png Cache-Control max-age=31536000 Connection Keep-Alive Keep-Alive timeout=5 Content-Length 296 Expires Fri, 18 Jun 2021 15:17:06 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Citizens Bank (Banking)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| unhideBody

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

csscheckbox.com
rebrand.ly
www.aissglobal.net
www.csscheckbox.com
www.sitepoint.com
192.185.184.92
192.186.220.3
3.208.128.113
54.148.84.95
04143dde1184ca73b6bb0de2686eeb9584e9dd0451e6dc6dd30a48815c76c7a4
076464d7fafd7ef34deaf13c9752d75ed5e3a28e261c9d7a80c86596ef1f3961
240508f03fb9c72d4b544afabf9d9b936d6af5bf276a96cf2f7630f38120ec92
37c6622bba59bd0f8c82fa6ca5879c6c0890963abb59ce4bc6d17a5ffcb71bf6
5164c6aa37bb3ec8a3dc6c80d40f2ca48216697cbce8f16fee42936940b49f13
6c44b0a1595cd78548468a750caf2fb0481fa3646c9bbc746565fbe096b11b48
6cc11e76134c6eba98b5c43eb6aa1c87648652719dcbe68f89d8392442377698
7aaf0727af0053c418ddeb03f0186f24fd20b6f18a1ebf34b88bedcc835f049d
8346d540806c29a81e167a4b84cc1e205244ed38c15605a5923c0708d4e972ef
b478be320202361c96800e666cfed9582a38a8e77b03bc09b723231ede682f1f
c359d1a0aa35ca536c18ccdc30205dd47115ba526ceb7bea0dbd22c89861dc79
c6ac02f61d10b6326c9253dbc562a9eec581d8ae6063327ca353228d5babe84e
d08df55cb16dad2a48cbbd7c55179ca43aaa81b08fe330203a004de97b1e4e7a
daffad3ff1a25ead299f198b1b57dec13d2dc06ba56c8ac21c0afbeb84554ea3
f3ac24fdf6acb85453a2fd04898ceb1479e0c56e04134418a84fe450d3fe7710

www.aissglobal.net Open in urlscan Pro 192.185.184.92 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

94 %HTTPS

0 %IPv6

4 Domains

5 Subdomains

3 IPs

1 Countries

105 kBTransfer

107 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

0 Cookies

Indicators

www.aissglobal.net Open in urlscan Pro
192.185.184.92 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

94 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

3
IPs

1
Countries

105 kB
Transfer

107 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!