campaigndbs.com
83.150.213.33
Malicious Activity!
Public Scan
Submission: On April 13 via automatic, source phishtank
Summary
This is the only time campaigndbs.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: DBS Bank (Banking)
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 24 | 83.150.213.33 83.150.213.33 | 203576 (INTERNETB...) (INTERNETBILISIM) | |
1 3 | 34.251.60.147 34.251.60.147 | 16509 (AMAZON-02) (AMAZON-02) | |
27 | 3 |
ASN203576 (INTERNETBILISIM, TR)
PTR: ist3.internetbilisim.net
campaigndbs.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-60-147.eu-west-1.compute.amazonaws.com
dpm.demdex.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
24 |
campaigndbs.com
1 redirects
campaigndbs.com |
3 MB |
3 |
demdex.net
1 redirects
dpm.demdex.net |
3 KB |
0 |
dbs.com.sg
Failed
somniture.dbs.com.sg Failed |
|
27 | 3 |
Domain | Requested by | |
---|---|---|
24 | campaigndbs.com |
1 redirects
campaigndbs.com
|
3 | dpm.demdex.net |
1 redirects
campaigndbs.com
|
0 | somniture.dbs.com.sg Failed |
campaigndbs.com
|
27 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://campaigndbs.com/IB/Welcome/
Frame ID: CE6ABDD447E5916A487DA88E1B30DFD2
Requests: 27 HTTP requests in this frame
Page URL History
- http://campaigndbs.com/IB/Welcome HTTP 301
- http://campaigndbs.com/IB/Welcome/ Page URL
Detected technologies
LiteSpeed (Web Servers)
Detected patterns
- headers server /^LiteSpeed$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://campaigndbs.com/IB/Welcome HTTP 301
- http://campaigndbs.com/IB/Welcome/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 16
- http://dpm.demdex.net/id?d_visid_ver=4.5.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=1E4734FA53DAC2360A490D44%40AdobeOrg&d_nsid=0&ts=1618291978107 HTTP 302
- http://dpm.demdex.net/id/rd?d_visid_ver=4.5.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=1E4734FA53DAC2360A490D44%40AdobeOrg&d_nsid=0&ts=1618291978107
27 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H/1.1 | / (Primary Request) | campaigndbs.com/IB/Welcome/ (Redirect Chain) | 6 KB | 2 KB | Document | text/html
GET | H/1.1 | s38902775785806 | campaigndbs.com/IB/Welcome/index_files/ | 3 KB | 4 KB | Script | text/plain
GET | H/1.1 | themes_login.css | campaigndbs.com/IB/Welcome/index_files/ | 3 KB | 1 KB | Stylesheet | text/css
GET | H/1.1 | language_login.css | campaigndbs.com/IB/Welcome/index_files/ | 3 KB | 1 KB | Stylesheet | text/css
GET | H/1.1 | login.css | campaigndbs.com/IB/Welcome/index_files/ | 22 KB | 3 KB | Stylesheet | text/css
GET | H/1.1 | jquery-3.3.1.js.indir | campaigndbs.com/IB/Welcome/index_files/ | 275 KB | 275 KB | Script | application/octet-stream
GET | H/1.1 | jquery-migrate-3.0.1.js.indir | campaigndbs.com/IB/Welcome/index_files/ | 17 KB | 18 KB | Script | application/octet-stream
GET | H/1.1 | login.js.indir | campaigndbs.com/IB/Welcome/index_files/ | 2 KB | 2 KB | Script | application/octet-stream
GET | H/1.1 | EncryptionApplet.js.indir | campaigndbs.com/IB/Welcome/index_files/ | 6 KB | 6 KB | Script | application/octet-stream
GET | H/1.1 | satelliteLib-e1e8c61fc2280cc6fb41b6644be1ca2dfdcf675d.js.indir | campaigndbs.com/IB/Welcome/index_files/ | 200 KB | 200 KB | Script | application/octet-stream
GET | H/1.1 | desktoplogo.png | campaigndbs.com/IB/Welcome/index_files/ | 12 KB | 12 KB | Image | image/png
GET | H/1.1 | pinEncryption.js.indir | campaigndbs.com/IB/Welcome/index_files/ | 105 KB | 105 KB | Script | application/octet-stream
GET | H/1.1 | IAMPinEncryption.js.indir | campaigndbs.com/IB/Welcome/index_files/ | 5 KB | 6 KB | Script | application/octet-stream
GET | H/1.1 | util_obf.js.indir | campaigndbs.com/IB/Welcome/index_files/ | 2 KB | 2 KB | Script | application/octet-stream
GET | H/1.1 | 3des_obf.js.indir | campaigndbs.com/IB/Welcome/index_files/ | 9 KB | 10 KB | Script | application/octet-stream
GET | H/1.1 | jsbn_obf.js.indir | campaigndbs.com/IB/Welcome/index_files/ | 11 KB | 11 KB | Script | application/octet-stream
GET | H/1.1 | rsa_obf.js.indir | campaigndbs.com/IB/Welcome/index_files/ | 3 KB | 4 KB | Script | application/octet-stream
GET | H/1.1 | rd | dpm.demdex.net/id/ (Redirect Chain) | 110 B | 741 B | XHR | application/json
GET | H/1.1 | arka.png | campaigndbs.com/IB/Welcome/ | 3 MB | 3 MB | Image | image/png
GET | H/1.1 | FrutigerNextPro-Medium.woff2 | campaigndbs.com/IB/Welcome/fonts/frutiger-lt/ | 0 | 0 | Font | text/html
GET | H/1.1 | frutigernextlt-light-webfont.woff | campaigndbs.com/IB/Welcome/fonts/frutiger-lt/ | 0 | 0 | Font | text/html
GET | H/1.1 | FrutigerNextPro-Medium.woff | campaigndbs.com/IB/Welcome/fonts/frutiger-lt/ | 0 | 0 | Font | text/html
GET | | id | somniture.dbs.com.sg/ | 0 | 0 | |
GET | H/1.1 | frutigernextlt-light-webfont.ttf | campaigndbs.com/IB/Welcome/fonts/frutiger-lt/ | 0 | 0 | Font | text/html
GET | H/1.1 | FrutigerNextPro-Medium.ttf | campaigndbs.com/IB/Welcome/fonts/frutiger-lt/ | 0 | 0 | Font | text/html
GET | | id | somniture.dbs.com.sg/ | 0 | 0 | |
GET | H/1.1 | id | dpm.demdex.net/ | 2 KB | 2 KB | XHR | application/json
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- somniture.dbs.com.sg
- URL
- http://somniture.dbs.com.sg/id?d_visid_ver=4.5.2&d_fieldgroup=MC&mcorgid=1E4734FA53DAC2360A490D44%40AdobeOrg&ts=1618291978204
- Domain
- somniture.dbs.com.sg
- URL
- http://somniture.dbs.com.sg/id?d_visid_ver=4.5.2&d_fieldgroup=A&mcorgid=1E4734FA53DAC2360A490D44%40AdobeOrg&mid=92011803617934203705215527398472801115&ts=1618291978305
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: DBS Bank (Banking)
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.campaigndbs.com/ | Name: AMCVS_1E4734FA53DAC2360A490D44%40AdobeOrg Value: 1 |
|
campaigndbs.com/ | Name: _sdsat_lt_pages_viewed Value: 1 |
|
campaigndbs.com/ | Name: _sdsat_traffic_source Value: |
|
campaigndbs.com/ | Name: _sdsat_session_count Value: 1 |
|
.campaigndbs.com/ | Name: AMCV_1E4734FA53DAC2360A490D44%40AdobeOrg Value: -432600572%7CMCMID%7C92011803617934203705215527398472801115%7CMCAID%7CNONE%7CMCAAMLH-1618896778%7C6%7CMCAAMB-1618896778%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCOPTOUT-1618299178s%7CNONE%7CvVersion%7C4.5.2 |
|
campaigndbs.com/ | Name: _sdsat_pages_viewed Value: 1 |
|
campaigndbs.com/ | Name: _sdsat_landing_page Value: http://campaigndbs.com/IB/Welcome/|1618291978102 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.