www.dewitcameras.com
Open in
urlscan Pro
35.214.232.7
Malicious Activity!
Public Scan
Submission Tags: @phish_report
Submission: On August 30 via api from FI — Scanned from NL
Summary
TLS certificate: Issued by R3 on August 5th 2023. Valid for: 3 months.
This is the only time www.dewitcameras.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Land Bank of the Philippines (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
21 | 35.214.232.7 35.214.232.7 | 15169 (GOOGLE) (GOOGLE) | |
21 | 1 |
ASN15169 (GOOGLE, US)
PTR: 7.232.214.35.bc.googleusercontent.com
www.dewitcameras.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
21 |
dewitcameras.com
www.dewitcameras.com |
996 KB |
21 | 1 |
Domain | Requested by | |
---|---|---|
21 | www.dewitcameras.com |
www.dewitcameras.com
|
21 | 1 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.landbank.com |
www.lbpiaccess.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.dewitcameras.com R3 |
2023-08-05 - 2023-11-03 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.dewitcameras.com/lbonline/
Frame ID: 50C496C2C6C080E6FF114E1D48D73D3D
Requests: 21 HTTP requests in this frame
Screenshot
Page Title
LANDBANK iAccess Retail Internet Banking - LoginDetected technologies
Font Awesome (Font Scripts) ExpandDetected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
12 Outgoing links
These are links going to different origins than the main page.
Title: About Us
Search URL Search Domain Scan URL
Title: FAQs
Search URL Search Domain Scan URL
Title: Security Policy
Search URL Search Domain Scan URL
Title: Data Privacy Statement
Search URL Search Domain Scan URL
Title: Advisory on ATM Use
Search URL Search Domain Scan URL
Title: iAccess Features
Search URL Search Domain Scan URL
Title: Find Us
Search URL Search Domain Scan URL
Title: Sign up now!
Search URL Search Domain Scan URL
Title: Terms and Conditions
Search URL Search Domain Scan URL
Title: here
Search URL Search Domain Scan URL
Title: Unlock ID
Search URL Search Domain Scan URL
Title: Forgot Password
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.dewitcameras.com/lbonline/ |
9 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
theme.css
www.dewitcameras.com/lbonline/login_files/ |
22 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.css
www.dewitcameras.com/lbonline/login_files/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
www.dewitcameras.com/lbonline/login_files/ |
9 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
components.css
www.dewitcameras.com/lbonline/login_files/ |
91 KB 14 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.js
www.dewitcameras.com/lbonline/login_files/ |
85 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-plugins.js
www.dewitcameras.com/lbonline/login_files/ |
261 KB 66 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
core.js
www.dewitcameras.com/lbonline/login_files/ |
37 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
components.js
www.dewitcameras.com/lbonline/login_files/ |
412 KB 74 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
core-min.js
www.dewitcameras.com/lbonline/login_files/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aes.js
www.dewitcameras.com/lbonline/login_files/ |
13 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
enc-base64-min.js
www.dewitcameras.com/lbonline/login_files/ |
875 B 770 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sha256-min.js
www.dewitcameras.com/lbonline/login_files/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clienthash.min.js
www.dewitcameras.com/lbonline/login_files/ |
2 KB 842 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login.min.js
www.dewitcameras.com/lbonline/login_files/ |
604 B 515 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
validation.js
www.dewitcameras.com/lbonline/login_files/ |
25 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
beanvalidation.js
www.dewitcameras.com/lbonline/login_files/ |
6 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lbpiaccess.jpg
www.dewitcameras.com/lbonline/login_files/ |
441 KB 442 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login_advisory.jpg
www.dewitcameras.com/lbonline/login_files/ |
323 KB 324 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
siteSealImage.do
www.dewitcameras.com/lbonline/login_files/ |
128 B 507 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bancnet_logo.png
www.dewitcameras.com/lbonline/login_files/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Land Bank of the Philippines (Banking)14 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture function| $ function| jQuery function| autosize function| PF object| PrimeFaces function| Class object| CryptoJS object| _0x1cf3 function| _0x3104 object| ClientHash object| _0x2094 function| _0x37db object| Login0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests |
X-Content-Security-Policy | script-src https://www.dewitcameras.com/ |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
www.dewitcameras.com
35.214.232.7
0e6a8e5c97af1964e4a4fed9fc580fa5648ae11b247dc5136f3c4a1195151560
15b4966c5bf349d9fb1e689ec71deb483c1cd88bd5eb6536b41b070022d9cd9a
1b975a25337a9445c1f797a5057d1da9aa82beb8eb0ab0882ca283bd139af4f0
2ff64ff3319d09a9a02e2d88957f29ea7c00040d4052a04360d7e6af29d21289
30d2366156407c8e880c278b92f03e107f1742798cb30cb6ef9de3c48bb6e500
3712d663c01cd4c50dbf786c68d6fa3cf0f1ee599bf80fbaf7bc669ffc802867
48ddcb3978f9fb030436fa1ac7428616d67b987ddd42200d695795a3d64f9bda
4989ab23da34c76c830e196d860158615473b777d70c86725b1408b37893391a
5eceb6418f74002f33269b3180f5d1382d55f7e960294009e733b0f2da83cb25
688eb38633ef73d514d026f290631664a0146188a622ba3d07fdbad95190f2fe
6c7d5e851044c65cf9f8e1573525f9fda8ce05e8eed600718165c7a2e890d2f0
7191e57b809d00cf46e04cd5c6090da4b7e6b36fa836282ff345671ba19b86f9
7bedd38060b64d53ad5c2ad1e2f330970cc61069f65d3d28a32809d329bfce23
b161e729b507f2a53fca68bfca4cae4d9303b4449ccd48e197d1e070ba42f0b4
be5fe6e7f73e241d2332683415cafcaa27e63518585ab172de6bad7827d19921
ca087c45509b633fcf2970a31573505c49537e91f5a62e2e2901da88be1f472c
d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d
d88db257247405b2ef627abb593e4d6c77e2f6105e4aa5407d476cc46072af86
e5e32eda0fac62f106805d427b92b13bfda68febc977857b854399a921cdd87f
f30b3115cae7a1140dbecd3be59a546a738518fa11e161a9e92dd7cba45613d0
f885ed4c6a440fee7c6635755899d7f3fb852aba76994d1d8f146c03b2ddc7e9