urlscan.io scan of www.dewitcameras.com (35.214.232.7), flagged: Malicious Activity

URL: https://www.dewitcameras.com/lbonline/
Submission Tags: @phish_report
Submission: On August 30 via api from FI — Scanned from NL

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 21 HTTP transactions. The main IP is 35.214.232.7, located in Groningen, Netherlands and belonging to GOOGLE, US. The main domain is www.dewitcameras.com.
TLS certificate: issued by R3 (a Let's Encrypt intermediate) on August 5th 2023, valid for 3 months.
This is the only time www.dewitcameras.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Land Bank of the Philippines (Banking). The page title ("LANDBANK iAccess Retail Internet Banking - Login"), the asset names under /lbonline/login_files/ (lbpiaccess.jpg, bancnet_logo.png, siteSealImage.do) and the outbound links to www.landbank.com and www.lbpiaccess.com reproduce the bank's login page on an unrelated domain.

Domain & IP information

Requests   IP Address      AS
21         35.214.232.7    15169 (GOOGLE)
(21 requests, 1 IP)

Requests   Apex Domain         Subdomains              Transfer
21         dewitcameras.com    www.dewitcameras.com    996 KB
(21 requests, 1 apex domain)

Requests   Domain                  Requested by
21         www.dewitcameras.com    www.dewitcameras.com
(21 requests, 1 domain)

This site contains links to these domains:

Domain
www.landbank.com
www.lbpiaccess.com
Subject               Issuer   Validity                   Valid
*.dewitcameras.com    R3       2023-08-05 - 2023-11-03    3 months (crt.sh)

This page contains 1 frames:

Primary Page: https://www.dewitcameras.com/lbonline/
Frame ID: 50C496C2C6C080E6FF114E1D48D73D3D
Requests: 21 HTTP requests in this frame

Screenshot (image not included in this capture)

Page Title

LANDBANK iAccess Retail Internet Banking - Login

Detected technologies

Font Awesome (overall confidence: 100%), matched by these patterns:
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (overall confidence: 100%), matched by this pattern:
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

The capture groups in these patterns extract version strings; the scanned page's unversioned file names (font-awesome.css, jquery.js) give them nothing, which is why no versions are shown.
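As an added example (not code from urlscan.io or Wappalyzer), the script below runs the four patterns listed above over two constructed HTML snippets: one mirroring the unversioned login_files/ references of the scanned page, one with version strings, to show where the version capture groups get their value and why this scan reports both technologies without a version. The technology names are inferred from the pattern text; the snippets are constructed.

```python
"""Run the page's Wappalyzer-style detection patterns over sample markup (added example).

Not urlscan.io or Wappalyzer code. The four regexes are the ones listed on this
page; the technology names are inferred from the pattern text and the HTML
snippets are constructed.
"""
from __future__ import annotations

import re

PATTERNS = {
    "Font Awesome": [
        r"<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css",
        r"<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)",
        r"(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)",
    ],
    "jQuery": [r"jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?"],
}

# Constructed: the unversioned references the scanned page uses.
SAVED_PAGE = """
<link rel="stylesheet" href="login_files/font-awesome.css">
<script src="login_files/jquery.js"></script>
"""

# Constructed: the same libraries with version strings the capture groups can pick up.
VERSIONED_PAGE = """
<link rel="stylesheet" href="/static/font-awesome-4.7.0.css">
<script src="/static/jquery.min.js?ver=3.6.0"></script>
"""


def fingerprint(html: str) -> dict[str, str]:
    """Map each detected technology to the version its patterns captured ('' if none)."""
    hits: dict[str, str] = {}
    for tech, regexes in PATTERNS.items():
        for rx in regexes:
            m = re.search(rx, html)
            if not m:
                continue
            version = next((g for g in m.groups() if g), "")
            # The first matching pattern detects the technology; a later one may still supply a version.
            if tech not in hits or (version and not hits[tech]):
                hits[tech] = version
    return hits


if __name__ == "__main__":
    print(fingerprint(SAVED_PAGE))      # {'Font Awesome': '', 'jQuery': ''}
    print(fingerprint(VERSIONED_PAGE))  # {'Font Awesome': '4.7.0', 'jQuery': '3.6.0'}
```

Pattern order matters: the first pattern that matches establishes the detection, and a later pattern only contributes if it is the first to capture a version.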

Page Statistics

Requests      21
HTTPS         100 %
IPv6          0 %
Domains       1
Subdomains    1
IPs           1
Countries     1
Transfer      996 kB
Size          1778 kB
Cookies       0

Redirected requests

No HTTP redirect chains are listed for this scan.

21 HTTP transactions

Each transaction below is listed as resource name, path, size, transferred bytes (x-fer) and type, followed by its General details, request headers and response headers. All 21 were served over H2 with TLS 1.3 from 35.214.232.7.
Primary Request /
www.dewitcameras.com/lbonline/
9 KB
3 KB
Document
General
Full URL
https://www.dewitcameras.com/lbonline/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.232.7 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
7.232.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
7191e57b809d00cf46e04cd5c6090da4b7e6b36fa836282ff345671ba19b86f9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Security-Policy script-src https://www.dewitcameras.com/
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Wed, 30 Aug 2023 22:43:55 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
pragma
public
referrer-policy
strict-origin-when-cross-origin
server
nginx
vary
Accept-Encoding
x-cdn-c
static
x-content-security-policy
script-src https://www.dewitcameras.com/
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-httpd-modphp
1
x-proxy-cache
HIT
x-xss-protection
1; mode=block
theme.css
www.dewitcameras.com/lbonline/login_files/
22 KB
3 KB
Stylesheet
General
Full URL
https://www.dewitcameras.com/lbonline/login_files/theme.css
Requested by
Host: www.dewitcameras.com
URL: https://www.dewitcameras.com/lbonline/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.232.7 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
7.232.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
be5fe6e7f73e241d2332683415cafcaa27e63518585ab172de6bad7827d19921

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.dewitcameras.com/lbonline/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 22:43:55 GMT
content-encoding
br
last-modified
Sat, 20 Nov 2021 09:32:06 GMT
server
nginx
etag
W/"6198c096-59f4"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
text/css
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
x-cdn-c
static
expires
Thu, 29 Aug 2024 22:43:55 GMT
font-awesome.css
www.dewitcameras.com/lbonline/login_files/
30 KB
7 KB
Stylesheet
General
Full URL
https://www.dewitcameras.com/lbonline/login_files/font-awesome.css
Requested by
Host: www.dewitcameras.com
URL: https://www.dewitcameras.com/lbonline/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.232.7 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
7.232.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
15b4966c5bf349d9fb1e689ec71deb483c1cd88bd5eb6536b41b070022d9cd9a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.dewitcameras.com/lbonline/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 22:43:55 GMT
content-encoding
br
last-modified
Sat, 20 Nov 2021 09:32:28 GMT
server
nginx
etag
W/"6198c0ac-7971"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
text/css
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
x-cdn-c
static
expires
Thu, 29 Aug 2024 22:43:55 GMT
style.css
www.dewitcameras.com/lbonline/login_files/
9 KB
2 KB
Stylesheet
General
Full URL
https://www.dewitcameras.com/lbonline/login_files/style.css
Requested by
Host: www.dewitcameras.com
URL: https://www.dewitcameras.com/lbonline/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.232.7 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
7.232.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
4989ab23da34c76c830e196d860158615473b777d70c86725b1408b37893391a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.dewitcameras.com/lbonline/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 22:43:55 GMT
content-encoding
br
last-modified
Sat, 20 Nov 2021 09:32:54 GMT
server
nginx
etag
W/"6198c0c6-25bc"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
text/css
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
x-cdn-c
static
expires
Thu, 29 Aug 2024 22:43:55 GMT
components.css
www.dewitcameras.com/lbonline/login_files/
91 KB
14 KB
Stylesheet
General
Full URL
https://www.dewitcameras.com/lbonline/login_files/components.css
Requested by
Host: www.dewitcameras.com
URL: https://www.dewitcameras.com/lbonline/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.232.7 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
7.232.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
30d2366156407c8e880c278b92f03e107f1742798cb30cb6ef9de3c48bb6e500

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.dewitcameras.com/lbonline/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 22:43:55 GMT
content-encoding
br
last-modified
Sat, 20 Nov 2021 09:33:12 GMT
server
nginx
etag
W/"6198c0d8-16bc7"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
text/css
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
x-cdn-c
static
expires
Thu, 29 Aug 2024 22:43:55 GMT
jquery.js
www.dewitcameras.com/lbonline/login_files/
85 KB
29 KB
Script
General
Full URL
https://www.dewitcameras.com/lbonline/login_files/jquery.js
Requested by
Host: www.dewitcameras.com
URL: https://www.dewitcameras.com/lbonline/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.232.7 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
7.232.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.dewitcameras.com/lbonline/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 22:43:55 GMT
content-encoding
br
last-modified
Sat, 20 Nov 2021 09:33:26 GMT
server
nginx
etag
W/"6198c0e6-1538f"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
x-cdn-c
static
expires
Thu, 29 Aug 2024 22:43:55 GMT
jquery-plugins.js
www.dewitcameras.com/lbonline/login_files/
261 KB
66 KB
Script
General
Full URL
https://www.dewitcameras.com/lbonline/login_files/jquery-plugins.js
Requested by
Host: www.dewitcameras.com
URL: https://www.dewitcameras.com/lbonline/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.232.7 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
7.232.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
f885ed4c6a440fee7c6635755899d7f3fb852aba76994d1d8f146c03b2ddc7e9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.dewitcameras.com/lbonline/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 22:43:55 GMT
content-encoding
br
last-modified
Sat, 20 Nov 2021 09:33:48 GMT
server
nginx
etag
W/"6198c0fc-41531"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
x-cdn-c
static
expires
Thu, 29 Aug 2024 22:43:55 GMT
core.js
www.dewitcameras.com/lbonline/login_files/
37 KB
11 KB
Script
General
Full URL
https://www.dewitcameras.com/lbonline/login_files/core.js
Requested by
Host: www.dewitcameras.com
URL: https://www.dewitcameras.com/lbonline/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.232.7 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
7.232.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
5eceb6418f74002f33269b3180f5d1382d55f7e960294009e733b0f2da83cb25

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.dewitcameras.com/lbonline/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 22:43:55 GMT
content-encoding
br
last-modified
Sat, 20 Nov 2021 09:34:04 GMT
server
nginx
etag
W/"6198c10c-9322"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
x-cdn-c
static
expires
Thu, 29 Aug 2024 22:43:55 GMT
components.js
www.dewitcameras.com/lbonline/login_files/
412 KB
74 KB
Script
General
Full URL
https://www.dewitcameras.com/lbonline/login_files/components.js
Requested by
Host: www.dewitcameras.com
URL: https://www.dewitcameras.com/lbonline/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.232.7 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
7.232.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
0e6a8e5c97af1964e4a4fed9fc580fa5648ae11b247dc5136f3c4a1195151560

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.dewitcameras.com/lbonline/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 22:43:55 GMT
content-encoding
br
last-modified
Sat, 20 Nov 2021 09:34:26 GMT
server
nginx
etag
W/"6198c122-66fd8"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
x-cdn-c
static
expires
Thu, 29 Aug 2024 22:43:55 GMT
core-min.js
www.dewitcameras.com/lbonline/login_files/
3 KB
2 KB
Script
General
Full URL
https://www.dewitcameras.com/lbonline/login_files/core-min.js
Requested by
Host: www.dewitcameras.com
URL: https://www.dewitcameras.com/lbonline/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.232.7 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
7.232.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
f30b3115cae7a1140dbecd3be59a546a738518fa11e161a9e92dd7cba45613d0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.dewitcameras.com/lbonline/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 22:43:55 GMT
content-encoding
br
last-modified
Sat, 20 Nov 2021 09:34:42 GMT
server
nginx
etag
W/"6198c132-ced"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
x-cdn-c
static
expires
Thu, 29 Aug 2024 22:43:55 GMT
aes.js
www.dewitcameras.com/lbonline/login_files/
13 KB
5 KB
Script
General
Full URL
https://www.dewitcameras.com/lbonline/login_files/aes.js
Requested by
Host: www.dewitcameras.com
URL: https://www.dewitcameras.com/lbonline/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.232.7 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
7.232.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
3712d663c01cd4c50dbf786c68d6fa3cf0f1ee599bf80fbaf7bc669ffc802867

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.dewitcameras.com/lbonline/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 22:43:55 GMT
content-encoding
br
last-modified
Sat, 20 Nov 2021 09:34:56 GMT
server
nginx
etag
W/"6198c140-3451"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
x-cdn-c
static
expires
Thu, 29 Aug 2024 22:43:55 GMT
enc-base64-min.js
www.dewitcameras.com/lbonline/login_files/
875 B
770 B
Script
General
Full URL
https://www.dewitcameras.com/lbonline/login_files/enc-base64-min.js
Requested by
Host: www.dewitcameras.com
URL: https://www.dewitcameras.com/lbonline/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.232.7 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
7.232.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
2ff64ff3319d09a9a02e2d88957f29ea7c00040d4052a04360d7e6af29d21289

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.dewitcameras.com/lbonline/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 22:43:55 GMT
content-encoding
br
last-modified
Sat, 20 Nov 2021 09:35:10 GMT
server
nginx
etag
W/"6198c14e-36b"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
x-cdn-c
static
expires
Thu, 29 Aug 2024 22:43:55 GMT
sha256-min.js
www.dewitcameras.com/lbonline/login_files/
1 KB
1 KB
Script
General
Full URL
https://www.dewitcameras.com/lbonline/login_files/sha256-min.js
Requested by
Host: www.dewitcameras.com
URL: https://www.dewitcameras.com/lbonline/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.232.7 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
7.232.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
688eb38633ef73d514d026f290631664a0146188a622ba3d07fdbad95190f2fe

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.dewitcameras.com/lbonline/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 22:43:55 GMT
content-encoding
br
last-modified
Sat, 20 Nov 2021 09:35:30 GMT
server
nginx
etag
W/"6198c162-5b1"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
x-cdn-c
static
expires
Thu, 29 Aug 2024 22:43:55 GMT
clienthash.min.js
www.dewitcameras.com/lbonline/login_files/
2 KB
842 B
Script
General
Full URL
https://www.dewitcameras.com/lbonline/login_files/clienthash.min.js
Requested by
Host: www.dewitcameras.com
URL: https://www.dewitcameras.com/lbonline/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.232.7 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
7.232.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
1b975a25337a9445c1f797a5057d1da9aa82beb8eb0ab0882ca283bd139af4f0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.dewitcameras.com/lbonline/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 22:43:55 GMT
content-encoding
br
last-modified
Sat, 20 Nov 2021 09:35:46 GMT
server
nginx
etag
W/"6198c172-6f0"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
x-cdn-c
static
expires
Thu, 29 Aug 2024 22:43:55 GMT
login.min.js
www.dewitcameras.com/lbonline/login_files/
604 B
515 B
Script
General
Full URL
https://www.dewitcameras.com/lbonline/login_files/login.min.js
Requested by
Host: www.dewitcameras.com
URL: https://www.dewitcameras.com/lbonline/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.232.7 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
7.232.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
d88db257247405b2ef627abb593e4d6c77e2f6105e4aa5407d476cc46072af86

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.dewitcameras.com/lbonline/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 22:43:55 GMT
content-encoding
br
last-modified
Sat, 20 Nov 2021 09:36:00 GMT
server
nginx
etag
W/"6198c180-25c"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
x-cdn-c
static
expires
Thu, 29 Aug 2024 22:43:55 GMT
validation.js
www.dewitcameras.com/lbonline/login_files/
25 KB
5 KB
Script
General
Full URL
https://www.dewitcameras.com/lbonline/login_files/validation.js
Requested by
Host: www.dewitcameras.com
URL: https://www.dewitcameras.com/lbonline/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.232.7 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
7.232.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e5e32eda0fac62f106805d427b92b13bfda68febc977857b854399a921cdd87f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.dewitcameras.com/lbonline/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 22:43:55 GMT
content-encoding
br
last-modified
Sat, 20 Nov 2021 09:36:14 GMT
server
nginx
etag
W/"6198c18e-6207"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
x-cdn-c
static
expires
Thu, 29 Aug 2024 22:43:55 GMT
beanvalidation.js
www.dewitcameras.com/lbonline/login_files/
6 KB
1 KB
Script
General
Full URL
https://www.dewitcameras.com/lbonline/login_files/beanvalidation.js
Requested by
Host: www.dewitcameras.com
URL: https://www.dewitcameras.com/lbonline/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.232.7 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
7.232.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
b161e729b507f2a53fca68bfca4cae4d9303b4449ccd48e197d1e070ba42f0b4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.dewitcameras.com/lbonline/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 22:43:55 GMT
content-encoding
br
last-modified
Sat, 20 Nov 2021 09:36:26 GMT
server
nginx
etag
W/"6198c19a-17dc"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
x-cdn-c
static
expires
Thu, 29 Aug 2024 22:43:55 GMT
lbpiaccess.jpg
www.dewitcameras.com/lbonline/login_files/
441 KB
442 KB
Image
General
Full URL
https://www.dewitcameras.com/lbonline/login_files/lbpiaccess.jpg
Requested by
Host: www.dewitcameras.com
URL: https://www.dewitcameras.com/lbonline/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.232.7 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
7.232.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
7bedd38060b64d53ad5c2ad1e2f330970cc61069f65d3d28a32809d329bfce23

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.dewitcameras.com/lbonline/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 22:43:55 GMT
last-modified
Sat, 20 Nov 2021 09:36:58 GMT
server
nginx
etag
"6198c1ba-6e577"
x-proxy-cache-info
DT:1
content-type
image/jpeg
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
451959
x-cdn-c
static
expires
Thu, 29 Aug 2024 22:43:55 GMT
login_advisory.jpg
www.dewitcameras.com/lbonline/login_files/
323 KB
324 KB
Image
General
Full URL
https://www.dewitcameras.com/lbonline/login_files/login_advisory.jpg
Requested by
Host: www.dewitcameras.com
URL: https://www.dewitcameras.com/lbonline/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.232.7 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
7.232.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
48ddcb3978f9fb030436fa1ac7428616d67b987ddd42200d695795a3d64f9bda

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.dewitcameras.com/lbonline/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 22:43:55 GMT
last-modified
Wed, 21 Sep 2022 01:28:22 GMT
server
nginx
etag
"632a68b6-50d8d"
x-proxy-cache-info
DT:1
content-type
image/jpeg
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
331149
x-cdn-c
static
expires
Thu, 29 Aug 2024 22:43:55 GMT
siteSealImage.do
www.dewitcameras.com/lbonline/login_files/
128 B
507 B
Image
General
Full URL
https://www.dewitcameras.com/lbonline/login_files/siteSealImage.do
Requested by
Host: www.dewitcameras.com
URL: https://www.dewitcameras.com/lbonline/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.232.7 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
7.232.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
6c7d5e851044c65cf9f8e1573525f9fda8ce05e8eed600718165c7a2e890d2f0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Security-Policy script-src https://www.dewitcameras.com/
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.dewitcameras.com/lbonline/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-proxy-cache
HIT
date
Wed, 30 Aug 2023 22:43:56 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
x-httpd-modphp
1
host-header
8441280b0c35cbc1147f8ba998a563a7
content-length
128
x-xss-protection
1; mode=block
x-cdn-c
static
pragma
public
referrer-policy
strict-origin-when-cross-origin
server
nginx
x-frame-options
SAMEORIGIN
access-control-allow-origin
*
accept-ranges
bytes
x-content-security-policy
script-src https://www.dewitcameras.com/
bancnet_logo.png
www.dewitcameras.com/lbonline/login_files/
5 KB
5 KB
Image
General
Full URL
https://www.dewitcameras.com/lbonline/login_files/bancnet_logo.png
Requested by
Host: www.dewitcameras.com
URL: https://www.dewitcameras.com/lbonline/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.232.7 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
7.232.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
ca087c45509b633fcf2970a31573505c49537e91f5a62e2e2901da88be1f472c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.dewitcameras.com/lbonline/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 22:43:56 GMT
last-modified
Sat, 20 Nov 2021 09:39:54 GMT
server
nginx
etag
"6198c26a-133e"
x-proxy-cache-info
DT:1
content-type
image/png
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
4926
x-cdn-c
static
expires
Thu, 29 Aug 2024 22:43:56 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Land Bank of the Philippines (Banking)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. They can help identify client-side frameworks and code.

  object    documentPictureInPicture
  function  $
  function  jQuery
  function  autosize
  function  PF
  object    PrimeFaces
  function  Class
  object    CryptoJS
  object    _0x1cf3
  function  _0x3104
  object    ClientHash
  object    _0x2094
  function  _0x37db
  object    Login

PF and PrimeFaces are the globals of the PrimeFaces JSF component library; CryptoJS and ClientHash match the aes.js, sha256-min.js, enc-base64-min.js and clienthash.min.js scripts fetched above; the _0x-prefixed names are the naming style produced by JavaScript obfuscators, so the kit's own logic is most likely in those. documentPictureInPicture is a property the scanning browser (Chrome 116) defines itself, not something the page added.

0 Cookies

Security Headers

Security headers set by the main page.

Header                       Value
Content-Security-Policy      upgrade-insecure-requests
X-Content-Security-Policy    script-src https://www.dewitcameras.com/
X-Content-Type-Options       nosniff
X-Frame-Options              SAMEORIGIN
X-Xss-Protection             1; mode=block

None of these constrain what the page loads or where it can send credentials: the Content-Security-Policy carries only upgrade-insecure-requests and no source directives, X-Content-Security-Policy is a deprecated prefixed header that current browsers ignore, and X-Xss-Protection is a legacy switch for a filter that has been removed. A block of security headers is not evidence that a page is legitimate.

Indicators

Indicators, in the security-industry sense (IPs, domains, hashes and similar), observed in this scan; being listed here does not by itself imply malicious activity.

www.dewitcameras.com
35.214.232.7
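As an added example (not urlscan.io code, and not a reproduction of its verdict logic), the following script takes a subset of the transactions above, transcribed from this page, and derives the triage signals an analyst would pull from a scan like this one: a `_files` directory (the layout a browser's "Save page as, complete" produces), Last-Modified stamps clustered in one short upload window with one later addition, brand names in the title, links and asset names that the serving domain does not share, and a flat indicator list for blocking or hash matching. The 15-minute window, the brand word list and all helper names are assumptions.

```python
"""Phishing-kit triage over a urlscan-style transaction list (added example).

Not urlscan.io code and not its verdict logic. The records are a subset
transcribed from the scan on this page as (url, sha256, Last-Modified,
content-type); the heuristics, the 15-minute clustering window and the
brand word list are the author's assumptions.
"""
from __future__ import annotations

import json
import re
from datetime import timedelta
from email.utils import parsedate_to_datetime
from urllib.parse import urlparse

PRIMARY_URL = "https://www.dewitcameras.com/lbonline/"
PAGE_TITLE = "LANDBANK iAccess Retail Internet Banking - Login"
LINKED_DOMAINS = ["www.landbank.com", "www.lbpiaccess.com"]
SERVER_IP = "35.214.232.7"
BRAND_TERMS = ("landbank", "lbpiaccess", "bancnet")  # assumed per-target vocabulary

# Transcribed from the scan; the document itself carried no Last-Modified header.
TRANSACTIONS = [
    (PRIMARY_URL, "7191e57b809d00cf46e04cd5c6090da4b7e6b36fa836282ff345671ba19b86f9", None, "text/html"),
    (PRIMARY_URL + "login_files/theme.css", "be5fe6e7f73e241d2332683415cafcaa27e63518585ab172de6bad7827d19921", "Sat, 20 Nov 2021 09:32:06 GMT", "text/css"),
    (PRIMARY_URL + "login_files/jquery.js", "d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d", "Sat, 20 Nov 2021 09:33:26 GMT", "application/javascript"),
    (PRIMARY_URL + "login_files/aes.js", "3712d663c01cd4c50dbf786c68d6fa3cf0f1ee599bf80fbaf7bc669ffc802867", "Sat, 20 Nov 2021 09:34:56 GMT", "application/javascript"),
    (PRIMARY_URL + "login_files/clienthash.min.js", "1b975a25337a9445c1f797a5057d1da9aa82beb8eb0ab0882ca283bd139af4f0", "Sat, 20 Nov 2021 09:35:46 GMT", "application/javascript"),
    (PRIMARY_URL + "login_files/login.min.js", "d88db257247405b2ef627abb593e4d6c77e2f6105e4aa5407d476cc46072af86", "Sat, 20 Nov 2021 09:36:00 GMT", "application/javascript"),
    (PRIMARY_URL + "login_files/lbpiaccess.jpg", "7bedd38060b64d53ad5c2ad1e2f330970cc61069f65d3d28a32809d329bfce23", "Sat, 20 Nov 2021 09:36:58 GMT", "image/jpeg"),
    (PRIMARY_URL + "login_files/login_advisory.jpg", "48ddcb3978f9fb030436fa1ac7428616d67b987ddd42200d695795a3d64f9bda", "Wed, 21 Sep 2022 01:28:22 GMT", "image/jpeg"),
    (PRIMARY_URL + "login_files/bancnet_logo.png", "ca087c45509b633fcf2970a31573505c49537e91f5a62e2e2901da88be1f472c", "Sat, 20 Nov 2021 09:39:54 GMT", "image/png"),
]


def apex_of(host: str) -> str:
    """Last two labels of a hostname; fine for .com, wrong for ccSLDs such as .co.uk."""
    return ".".join(host.split(".")[-2:])


def saved_page_dirs(urls: list[str]) -> list[str]:
    """Directories named <name>_files/, the layout a browser's 'Save page as, complete' writes."""
    found = set()
    for u in urls:
        m = re.search(r"/([^/]+_files)/", urlparse(u).path)
        if m:
            found.add(m.group(1))
    return sorted(found)


def upload_window(transactions, window: timedelta = timedelta(minutes=15)):
    """Largest cluster of Last-Modified stamps within `window`: (count, span, outlier file names)."""
    stamps = sorted((parsedate_to_datetime(lm), u) for u, _, lm, _ in transactions if lm)
    if not stamps:
        return 0, timedelta(0), []
    best: list = []
    for i, (t0, _) in enumerate(stamps):
        cluster = [s for s in stamps[i:] if s[0] - t0 <= window]
        if len(cluster) > len(best):
            best = cluster
    clustered = {u for _, u in best}
    outliers = [u.rsplit("/", 1)[-1] for _, u in stamps if u not in clustered]
    return len(best), best[-1][0] - best[0][0], outliers


def brand_terms_off_domain(primary_url, title, linked_domains, urls):
    """Brand words present in the title, outbound links or asset names but absent from the serving apex."""
    apex = apex_of(urlparse(primary_url).hostname)
    haystack = [title.lower(), *map(str.lower, linked_domains), *(urlparse(u).path.lower() for u in urls)]
    return apex, sorted(t for t in BRAND_TERMS if t not in apex and any(t in h for h in haystack))


def triage(transactions=TRANSACTIONS) -> dict:
    """Collect the signals into one report."""
    urls = [u for u, *_ in transactions]
    apex, brands = brand_terms_off_domain(PRIMARY_URL, PAGE_TITLE, LINKED_DOMAINS, urls)
    count, span, outliers = upload_window(transactions)
    scripts = [u.rsplit("/", 1)[-1] for u, _, _, ct in transactions if ct == "application/javascript"]
    return {
        "serving_apex": apex,
        "brand_terms_off_domain": brands,
        "saved_page_dirs": saved_page_dirs(urls),
        "bulk_upload": {"files": count, "span_seconds": int(span.total_seconds()), "outliers": outliers},
        # crypto helper scripts the clone carries; they match the CryptoJS/ClientHash globals the scan lists
        "client_side_crypto_scripts": [s for s in scripts if re.search(r"aes|sha|hash|enc-", s)],
    }


def iocs(transactions=TRANSACTIONS) -> dict:
    """Flat indicators for a blocklist or hash-match rule."""
    host = urlparse(PRIMARY_URL).hostname
    return {
        "domains": [host, apex_of(host)],
        "ips": [SERVER_IP],
        "urls": [PRIMARY_URL],
        "sha256": sorted({h for _, h, _, _ in transactions}),
    }


if __name__ == "__main__":
    print(json.dumps({"findings": triage(), "iocs": iocs()}, indent=2))
```

On this scan the clustering puts seven of the eight dated assets inside a window under eight minutes on 2021-11-20 and leaves login_advisory.jpg (2022-09-21) as the single later change, which is the usual shape of a kit unpacked in one go and touched up once; the apex check reports landbank, lbpiaccess and bancnet as brand terms the serving domain dewitcameras.com does not carry.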