auth-myuser.com
Open in
urlscan Pro
95.213.216.216
Malicious Activity!
Public Scan
Effective URL: http://auth-myuser.com/aib/Alert.php
Submission: On April 07 via automatic, source openphish — Scanned from DE
Summary
This is the only time auth-myuser.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Allied Irish Banks (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 17 | 95.213.216.216 95.213.216.216 | 49505 (SELECTEL) (SELECTEL) | |
16 | 1 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
17 |
auth-myuser.com
1 redirects
auth-myuser.com |
758 KB |
16 | 1 |
Domain | Requested by | |
---|---|---|
17 | auth-myuser.com |
1 redirects
auth-myuser.com
|
16 | 1 |
This site contains links to these domains. Also see Links.
Domain |
---|
personal.aib.ie |
aib.ie |
twitter.com |
www.facebook.com |
www.youtube.com |
www.linkedin.com |
plus.google.com |
www.aib.ie |
onlinebanking.aib.ie |
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://auth-myuser.com/aib/Alert.php
Frame ID: E15929E25E37D19DC1D3AFAD67E7CC9D
Requests: 16 HTTP requests in this frame
Screenshot
Page Title
AIB Internet BankingPage URL History Show full URLs
-
http://auth-myuser.com/aib/
HTTP 302
http://auth-myuser.com/aib/Alert.php Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Page Statistics
15 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Security Centre
Search URL Search Domain Scan URL
Title: Twitter
Search URL Search Domain Scan URL
Title: Facebook
Search URL Search Domain Scan URL
Title: YouTube
Search URL Search Domain Scan URL
Title: LinkedIn
Search URL Search Domain Scan URL
Title: Google+
Search URL Search Domain Scan URL
Title: Help Centre
Search URL Search Domain Scan URL
Title: Useful Contacts
Search URL Search Domain Scan URL
Title: Regulatory Information
Search URL Search Domain Scan URL
Title: Privacy Statement
Search URL Search Domain Scan URL
Title: Security Policy
Search URL Search Domain Scan URL
Title: Terms & Conditions
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://auth-myuser.com/aib/
HTTP 302
http://auth-myuser.com/aib/Alert.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
16 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Alert.php
auth-myuser.com/aib/ Redirect Chain
|
12 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
normalise-css.css
auth-myuser.com/aib/files/css/ |
7 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-ui-1.css
auth-myuser.com/aib/files/css/ |
27 KB 27 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fonts.css
auth-myuser.com/aib/files/css/ |
2 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
font-awesome.css
auth-myuser.com/aib/files/css/ |
37 KB 37 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
aib-icons.css
auth-myuser.com/aib/files/css/ |
1 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
global.css
auth-myuser.com/aib/files/css/ |
116 KB 116 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
core.css
auth-myuser.com/aib/files/css/ |
40 KB 41 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
aib-logo.png
auth-myuser.com/aib/files/img/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
loophead.jpg
auth-myuser.com/aib/files/img/ |
127 KB 127 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
temp_hours.png
auth-myuser.com/aib/files/img/ |
154 KB 155 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
banking_holiday.png
auth-myuser.com/aib/files/img/ |
20 KB 21 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
security-centre.png
auth-myuser.com/aib/files/img/ |
570 B 775 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
aspira-demi.woff
auth-myuser.com/aib/files/fonts/ |
65 KB 65 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
aspira-regular.woff
auth-myuser.com/aib/files/fonts/ |
46 KB 46 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
font-awesome.woff
auth-myuser.com/aib/files/fonts/ |
96 KB 96 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Allied Irish Banks (Banking)3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| structuredClone object| oncontextlost object| oncontextrestored0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
auth-myuser.com
95.213.216.216
1130bd64640e418032221eb0857a72f24b914c9bd71d403dbb66c435990c7aa6
23985424b33241adbfd35be7fad03585031c2d5db1a8f20b066b3a01e1a25a49
23d708a436260df70d72b3a9efce214de4e419ac6bea9338417a5e051885ced4
2b00736326f0e416fbc33a1a97c539078bd3e9224eb670c9814efbeec330d498
2f7b24c4fa780673548ae013181dfdc56d0e492cef147fa4ea3598989c697f72
6b7323e16933cc6fde7eba81988475a43ce07948be0afa0025e76ed90939611b
6f85856009f90313f731ee0265f431598a4f18a6df77fd2090a2748332543184
a7184a2b5c9c66bd3a356246ae2f40c6490ea31f7190b1f26b81b58379dcc730
b7973b6999c508191c8084e38d6f27c3a2163040242161f38659414aca5f6a80
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
bfb26be0e19ae60d7b992d1eaab949ead98e13b96635d2fddf8386ff8c4f351c
bfec0e9b2373489bf40f239ebd0cbe715b8b6eac332d19d151849e312fe01690
c28b6d77d79a2c0ba40e4a7eb7779303521f1b7bb4ae186b137cc6a6eeff4019
d18ebe439d60302013febafd916ec30955ee06434fc0a6375201f03d13ea2b40
ee3dfc8e6be94ec93464d20b0dc0945ff7a710402b53e6d13b1591a460f15983
fc4884d673182b9fe1acf05d836991cb1cafc3a60cad0136f5cb03fafe9d3ca0