campaigndbs.com Open in urlscan Pro
83.150.213.33 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://campaigndbs.com/IB/Welcome/
Submission: On April 13 via automatic, source phishtank (April 13th 2021, 5:33:13 am UTC)

Summary HTTP 27 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 27 HTTP transactions. The main IP is 83.150.213.33, located in Turkey and belongs to INTERNETBILISIM, TR. The main domain is campaigndbs.com.

This is the only time campaigndbs.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DBS Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 24	83.150.213.33 83.150.213.33	203576 (INTERNETB...) (INTERNETBILISIM)
1 3	34.251.60.147 34.251.60.147	16509 (AMAZON-02) (AMAZON-02)
27	3

24 83.150.213.33 (Turkey) 1 redirects

ASN203576 (INTERNETBILISIM, TR)
PTR: ist3.internetbilisim.net

campaigndbs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.251.60.147 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-60-147.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	campaigndbs.com 1 redirects campaigndbs.com	3 MB
3	demdex.net 1 redirects dpm.demdex.net	3 KB
0	dbs.com.sg Failed somniture.dbs.com.sg Failed
27	3

	Domain	Requested by
24	campaigndbs.com	1 redirects campaigndbs.com
3	dpm.demdex.net	1 redirects campaigndbs.com
0	somniture.dbs.com.sg Failed	campaigndbs.com
27	3

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://campaigndbs.com/IB/Welcome/
Frame ID: CE6ABDD447E5916A487DA88E1B30DFD2
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://campaigndbs.com/IB/Welcome HTTP 301
http://campaigndbs.com/IB/Welcome/ Page URL

Detected technologies

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Page Statistics

27
Requests

0 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

3537 kB
Transfer

3559 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://campaigndbs.com/IB/Welcome HTTP 301
http://campaigndbs.com/IB/Welcome/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

http://dpm.demdex.net/id?d_visid_ver=4.5.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=1E4734FA53DAC2360A490D44%40AdobeOrg&d_nsid=0&ts=1618291978107 HTTP 302
http://dpm.demdex.net/id/rd?d_visid_ver=4.5.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=1E4734FA53DAC2360A490D44%40AdobeOrg&d_nsid=0&ts=1618291978107

27 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response campaigndbs.com/IB/Welcome/ Redirect Chain http://campaigndbs.com/IB/Welcome http://campaigndbs.com/IB/Welcome/	6 KB 2 KB	161ms 161ms	Document text/html	83.150.213.33 INTERNETBILISIM
General Check archive.org Show headers Download Go to Full URL http://campaigndbs.com/IB/Welcome/ Protocol HTTP/1.1 Server 83.150.213.33 , Turkey, ASN203576 (INTERNETBILISIM, TR), Reverse DNS ist3.internetbilisim.net Software LiteSpeed / PHP/5.6.40 Resource Hash `e6c707f4efa899287f41b5aa23282c3c330a1e94b71f85ffee62b91d8687af7e` Request headers Host campaigndbs.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Connection Keep-Alive X-Powered-By PHP/5.6.40 Content-Type text/html; charset=UTF-8 Content-Length 2059 Content-Encoding gzip Vary Accept-Encoding Date Tue, 13 Apr 2021 05:32:57 GMT Server LiteSpeed Redirect headers Connection Keep-Alive Content-Type text/html Content-Length 706 Date Tue, 13 Apr 2021 05:32:57 GMT Server LiteSpeed Location http://campaigndbs.com/IB/Welcome/
GET H/1.1	200 OK	s38902775785806 Show response campaigndbs.com/IB/Welcome/index_files/	3 KB 4 KB	230ms 76ms	Script text/plain	83.150.213.33 INTERNETBILISIM
General Check archive.org Show headers Download Go to Full URL http://campaigndbs.com/IB/Welcome/index_files/s38902775785806 Requested by Host: campaigndbs.com URL: http://campaigndbs.com/IB/Welcome/ Protocol HTTP/1.1 Server 83.150.213.33 , Turkey, ASN203576 (INTERNETBILISIM, TR), Reverse DNS ist3.internetbilisim.net Software LiteSpeed / Resource Hash `8c8c6e364f6672ddd0c31af9ca9cfb26ad8638e1e096bdc8f90c31d23aaa8dfe` Request headers Referer http://campaigndbs.com/IB/Welcome/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 13 Apr 2021 05:32:57 GMT Last-Modified Fri, 30 Oct 2020 10:06:22 GMT Server LiteSpeed Connection Keep-Alive Accept-Ranges bytes Content-Length 3487
GET H/1.1	200 OK	themes_login.css campaigndbs.com/IB/Welcome/index_files/	3 KB 1 KB	78ms 76ms	Stylesheet text/css	83.150.213.33 INTERNETBILISIM
General Check archive.org Show headers Download Go to Full URL http://campaigndbs.com/IB/Welcome/index_files/themes_login.css Requested by Host: campaigndbs.com URL: http://campaigndbs.com/IB/Welcome/ Protocol HTTP/1.1 Server 83.150.213.33 , Turkey, ASN203576 (INTERNETBILISIM, TR), Reverse DNS ist3.internetbilisim.net Software LiteSpeed / Resource Hash `d715b2622a62ee581868e9dc9ad1799012bcd0c88c29827c7604967bed30018a` Request headers Referer http://campaigndbs.com/IB/Welcome/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 13 Apr 2021 05:32:57 GMT Content-Encoding gzip Last-Modified Fri, 30 Oct 2020 10:06:22 GMT Server LiteSpeed Vary Accept-Encoding Content-Type text/css Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 1064 Expires Tue, 20 Apr 2021 05:32:57 GMT
GET H/1.1	200 OK	language_login.css campaigndbs.com/IB/Welcome/index_files/	3 KB 1 KB	153ms 145ms	Stylesheet text/css	83.150.213.33 INTERNETBILISIM
General Check archive.org Show headers Download Go to Full URL http://campaigndbs.com/IB/Welcome/index_files/language_login.css Requested by Host: campaigndbs.com URL: http://campaigndbs.com/IB/Welcome/ Protocol HTTP/1.1 Server 83.150.213.33 , Turkey, ASN203576 (INTERNETBILISIM, TR), Reverse DNS ist3.internetbilisim.net Software LiteSpeed / Resource Hash `85072496700e821fb8567e4591598e7818a7345d4d659f7a7bc4617fc286d3d8` Request headers Referer http://campaigndbs.com/IB/Welcome/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 13 Apr 2021 05:32:57 GMT Content-Encoding gzip Last-Modified Fri, 30 Oct 2020 10:06:22 GMT Server LiteSpeed Vary Accept-Encoding Content-Type text/css Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 693 Expires Tue, 20 Apr 2021 05:32:57 GMT
GET H/1.1	200 OK	login.css campaigndbs.com/IB/Welcome/index_files/	22 KB 3 KB	152ms 145ms	Stylesheet text/css	83.150.213.33 INTERNETBILISIM
General Check archive.org Show headers Download Go to Full URL http://campaigndbs.com/IB/Welcome/index_files/login.css Requested by Host: campaigndbs.com URL: http://campaigndbs.com/IB/Welcome/ Protocol HTTP/1.1 Server 83.150.213.33 , Turkey, ASN203576 (INTERNETBILISIM, TR), Reverse DNS ist3.internetbilisim.net Software LiteSpeed / Resource Hash `9e93a2a40b22900dfb76bf7898c95dec13e34fe47bb143bbc40210258a6d813a` Request headers Referer http://campaigndbs.com/IB/Welcome/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 13 Apr 2021 05:32:57 GMT Content-Encoding gzip Last-Modified Fri, 30 Oct 2020 10:06:24 GMT Server LiteSpeed Vary Accept-Encoding Content-Type text/css Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 3159 Expires Tue, 20 Apr 2021 05:32:57 GMT
GET H/1.1	200 OK	jquery-3.3.1.js.indir Show response campaigndbs.com/IB/Welcome/index_files/	275 KB 275 KB	153ms 145ms	Script application/octet-stream	83.150.213.33 INTERNETBILISIM
General Check archive.org Show headers Download Go to Full URL http://campaigndbs.com/IB/Welcome/index_files/jquery-3.3.1.js.indir Requested by Host: campaigndbs.com URL: http://campaigndbs.com/IB/Welcome/ Protocol HTTP/1.1 Server 83.150.213.33 , Turkey, ASN203576 (INTERNETBILISIM, TR), Reverse DNS ist3.internetbilisim.net Software LiteSpeed / Resource Hash `bc8028a27be05f884d8be8027ad78e3130f6b0ec4a803a613b80c3edd3e27b9c` Request headers Referer http://campaigndbs.com/IB/Welcome/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 13 Apr 2021 05:32:57 GMT Last-Modified Fri, 30 Oct 2020 10:06:24 GMT Server LiteSpeed Connection Keep-Alive Accept-Ranges bytes Content-Length 281838 Content-Type application/octet-stream
GET H/1.1	200 OK	jquery-migrate-3.0.1.js.indir Show response campaigndbs.com/IB/Welcome/index_files/	17 KB 18 KB	153ms 146ms	Script application/octet-stream	83.150.213.33 INTERNETBILISIM
General Check archive.org Show headers Download Go to Full URL http://campaigndbs.com/IB/Welcome/index_files/jquery-migrate-3.0.1.js.indir Requested by Host: campaigndbs.com URL: http://campaigndbs.com/IB/Welcome/ Protocol HTTP/1.1 Server 83.150.213.33 , Turkey, ASN203576 (INTERNETBILISIM, TR), Reverse DNS ist3.internetbilisim.net Software LiteSpeed / Resource Hash `6cca86c2abcb72266e06a7adb60a3a75d73a092b69bb9732b6c0d1b169e0a35e` Request headers Referer http://campaigndbs.com/IB/Welcome/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 13 Apr 2021 05:32:57 GMT Last-Modified Fri, 30 Oct 2020 10:06:24 GMT Server LiteSpeed Connection Keep-Alive Accept-Ranges bytes Content-Length 17812 Content-Type application/octet-stream
GET H/1.1	200 OK	login.js.indir Show response campaigndbs.com/IB/Welcome/index_files/	2 KB 2 KB	137ms 130ms	Script application/octet-stream	83.150.213.33 INTERNETBILISIM
General Check archive.org Show headers Download Go to Full URL http://campaigndbs.com/IB/Welcome/index_files/login.js.indir Requested by Host: campaigndbs.com URL: http://campaigndbs.com/IB/Welcome/ Protocol HTTP/1.1 Server 83.150.213.33 , Turkey, ASN203576 (INTERNETBILISIM, TR), Reverse DNS ist3.internetbilisim.net Software LiteSpeed / Resource Hash `670fa4ed164584483d1066b5304061089d05e467c12aa6ed18919f6fcf0d53fd` Request headers Referer http://campaigndbs.com/IB/Welcome/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 13 Apr 2021 05:32:57 GMT Last-Modified Fri, 30 Oct 2020 10:06:24 GMT Server LiteSpeed Connection Keep-Alive Accept-Ranges bytes Content-Length 2329 Content-Type application/octet-stream
GET H/1.1	200 OK	EncryptionApplet.js.indir Show response campaigndbs.com/IB/Welcome/index_files/	6 KB 6 KB	152ms 75ms	Script application/octet-stream	83.150.213.33 INTERNETBILISIM
General Check archive.org Show headers Download Go to Full URL http://campaigndbs.com/IB/Welcome/index_files/EncryptionApplet.js.indir Requested by Host: campaigndbs.com URL: http://campaigndbs.com/IB/Welcome/ Protocol HTTP/1.1 Server 83.150.213.33 , Turkey, ASN203576 (INTERNETBILISIM, TR), Reverse DNS ist3.internetbilisim.net Software LiteSpeed / Resource Hash `0193214fa8e6b4967207ae6e2e1658b604ac155f62b8e7bcee48ca01b58493ab` Request headers Referer http://campaigndbs.com/IB/Welcome/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 13 Apr 2021 05:32:57 GMT Last-Modified Fri, 30 Oct 2020 10:06:24 GMT Server LiteSpeed Connection Keep-Alive Accept-Ranges bytes Content-Length 6065 Content-Type application/octet-stream
GET H/1.1	200 OK	satelliteLib-e1e8c61fc2280cc6fb41b6644be1ca2dfdcf675d.js.indir Show response campaigndbs.com/IB/Welcome/index_files/	200 KB 200 KB	205ms 68ms	Script application/octet-stream	83.150.213.33 INTERNETBILISIM
General Check archive.org Show headers Download Go to Full URL http://campaigndbs.com/IB/Welcome/index_files/satelliteLib-e1e8c61fc2280cc6fb41b6644be1ca2dfdcf675d.js.indir Requested by Host: campaigndbs.com URL: http://campaigndbs.com/IB/Welcome/ Protocol HTTP/1.1 Server 83.150.213.33 , Turkey, ASN203576 (INTERNETBILISIM, TR), Reverse DNS ist3.internetbilisim.net Software LiteSpeed / Resource Hash `29fec9c270f9fd223ed07b0f05e949cf1a4c8713ed3ce7e8315fa3129c0b4d9e` Request headers Referer http://campaigndbs.com/IB/Welcome/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 13 Apr 2021 05:32:57 GMT Last-Modified Fri, 30 Oct 2020 10:06:24 GMT Server LiteSpeed Connection Keep-Alive Accept-Ranges bytes Content-Length 204597 Content-Type application/octet-stream
GET H/1.1	200 OK	desktoplogo.png campaigndbs.com/IB/Welcome/index_files/	12 KB 12 KB	135ms 75ms	Image image/png	83.150.213.33 INTERNETBILISIM
General Check archive.org Show headers Download Go to Show image Full URL http://campaigndbs.com/IB/Welcome/index_files/desktoplogo.png Requested by Host: campaigndbs.com URL: http://campaigndbs.com/IB/Welcome/ Protocol HTTP/1.1 Server 83.150.213.33 , Turkey, ASN203576 (INTERNETBILISIM, TR), Reverse DNS ist3.internetbilisim.net Software LiteSpeed / Resource Hash `d8bbc58751585238a79d3cb19abb75d350d3246be6a455f96a61698e382e4c44` Request headers Referer http://campaigndbs.com/IB/Welcome/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 13 Apr 2021 05:32:58 GMT Last-Modified Fri, 30 Oct 2020 10:06:24 GMT Server LiteSpeed Content-Type image/png Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 11903 Expires Tue, 20 Apr 2021 05:32:58 GMT
GET H/1.1	200 OK	pinEncryption.js.indir Show response campaigndbs.com/IB/Welcome/index_files/	105 KB 105 KB	69ms 68ms	Script application/octet-stream	83.150.213.33 INTERNETBILISIM
General Check archive.org Show headers Download Go to Full URL http://campaigndbs.com/IB/Welcome/index_files/pinEncryption.js.indir Requested by Host: campaigndbs.com URL: http://campaigndbs.com/IB/Welcome/ Protocol HTTP/1.1 Server 83.150.213.33 , Turkey, ASN203576 (INTERNETBILISIM, TR), Reverse DNS ist3.internetbilisim.net Software LiteSpeed / Resource Hash `8a95fa5d5b4515f001edb15cdae76fed491b81d751be3b1880824defcd349a52` Request headers Referer http://campaigndbs.com/IB/Welcome/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 13 Apr 2021 05:32:58 GMT Last-Modified Fri, 30 Oct 2020 10:06:24 GMT Server LiteSpeed Connection Keep-Alive Accept-Ranges bytes Content-Length 107446 Content-Type application/octet-stream
GET H/1.1	200 OK	IAMPinEncryption.js.indir Show response campaigndbs.com/IB/Welcome/index_files/	5 KB 6 KB	76ms 76ms	Script application/octet-stream	83.150.213.33 INTERNETBILISIM
General Check archive.org Show headers Download Go to Full URL http://campaigndbs.com/IB/Welcome/index_files/IAMPinEncryption.js.indir Requested by Host: campaigndbs.com URL: http://campaigndbs.com/IB/Welcome/ Protocol HTTP/1.1 Server 83.150.213.33 , Turkey, ASN203576 (INTERNETBILISIM, TR), Reverse DNS ist3.internetbilisim.net Software LiteSpeed / Resource Hash `84c6613eaacd90987c20b8abd0d0bb660cb5c7e3a40ba97a49335f2fe90e65e1` Request headers Referer http://campaigndbs.com/IB/Welcome/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 13 Apr 2021 05:32:58 GMT Last-Modified Fri, 30 Oct 2020 10:06:24 GMT Server LiteSpeed Connection Keep-Alive Accept-Ranges bytes Content-Length 5477 Content-Type application/octet-stream
GET H/1.1	200 OK	util_obf.js.indir Show response campaigndbs.com/IB/Welcome/index_files/	2 KB 2 KB	76ms 76ms	Script application/octet-stream	83.150.213.33 INTERNETBILISIM
General Check archive.org Show headers Download Go to Full URL http://campaigndbs.com/IB/Welcome/index_files/util_obf.js.indir Requested by Host: campaigndbs.com URL: http://campaigndbs.com/IB/Welcome/ Protocol HTTP/1.1 Server 83.150.213.33 , Turkey, ASN203576 (INTERNETBILISIM, TR), Reverse DNS ist3.internetbilisim.net Software LiteSpeed / Resource Hash `b31f234c2fc0eddea5124693681175208f106d0cd8db702b41f8095741e67428` Request headers Referer http://campaigndbs.com/IB/Welcome/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 13 Apr 2021 05:32:58 GMT Last-Modified Fri, 30 Oct 2020 10:06:24 GMT Server LiteSpeed Connection Keep-Alive Accept-Ranges bytes Content-Length 1845 Content-Type application/octet-stream
GET H/1.1	200 OK	3des_obf.js.indir Show response campaigndbs.com/IB/Welcome/index_files/	9 KB 10 KB	77ms 76ms	Script application/octet-stream	83.150.213.33 INTERNETBILISIM
General Check archive.org Show headers Download Go to Full URL http://campaigndbs.com/IB/Welcome/index_files/3des_obf.js.indir Requested by Host: campaigndbs.com URL: http://campaigndbs.com/IB/Welcome/ Protocol HTTP/1.1 Server 83.150.213.33 , Turkey, ASN203576 (INTERNETBILISIM, TR), Reverse DNS ist3.internetbilisim.net Software LiteSpeed / Resource Hash `3ee370d63a91f74df6f2df9c1c78cea632530c83ae1e5f099cd7226db5e1a74c` Request headers Referer http://campaigndbs.com/IB/Welcome/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 13 Apr 2021 05:32:58 GMT Last-Modified Fri, 30 Oct 2020 10:06:24 GMT Server LiteSpeed Connection Keep-Alive Accept-Ranges bytes Content-Length 9504 Content-Type application/octet-stream
GET H/1.1	200 OK	jsbn_obf.js.indir Show response campaigndbs.com/IB/Welcome/index_files/	11 KB 11 KB	76ms 76ms	Script application/octet-stream	83.150.213.33 INTERNETBILISIM
General Check archive.org Show headers Download Go to Full URL http://campaigndbs.com/IB/Welcome/index_files/jsbn_obf.js.indir Requested by Host: campaigndbs.com URL: http://campaigndbs.com/IB/Welcome/ Protocol HTTP/1.1 Server 83.150.213.33 , Turkey, ASN203576 (INTERNETBILISIM, TR), Reverse DNS ist3.internetbilisim.net Software LiteSpeed / Resource Hash `e9d3d6ccbb9d997c7f6e6f46bb9acf3a3e7829f55f1c7daed478aa7d0bf68797` Request headers Referer http://campaigndbs.com/IB/Welcome/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 13 Apr 2021 05:32:58 GMT Last-Modified Fri, 30 Oct 2020 10:06:24 GMT Server LiteSpeed Connection Keep-Alive Accept-Ranges bytes Content-Length 10933 Content-Type application/octet-stream
GET H/1.1	200 OK	rsa_obf.js.indir Show response campaigndbs.com/IB/Welcome/index_files/	3 KB 4 KB	76ms 75ms	Script application/octet-stream	83.150.213.33 INTERNETBILISIM
General Check archive.org Show headers Download Go to Full URL http://campaigndbs.com/IB/Welcome/index_files/rsa_obf.js.indir Requested by Host: campaigndbs.com URL: http://campaigndbs.com/IB/Welcome/ Protocol HTTP/1.1 Server 83.150.213.33 , Turkey, ASN203576 (INTERNETBILISIM, TR), Reverse DNS ist3.internetbilisim.net Software LiteSpeed / Resource Hash `a55b736b480d80200a8a4ed984ee3f9cbf59f8fa537cabb5606223a0396b1587` Request headers Referer http://campaigndbs.com/IB/Welcome/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 13 Apr 2021 05:32:58 GMT Last-Modified Fri, 30 Oct 2020 10:06:24 GMT Server LiteSpeed Connection Keep-Alive Accept-Ranges bytes Content-Length 3398 Content-Type application/octet-stream
GET H/1.1	200 OK	rd Show response dpm.demdex.net/id/ Redirect Chain http://dpm.demdex.net/id?d_visid_ver=4.5.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=1E4734FA53DAC2360A490D44%40AdobeOrg&d_nsid=0&ts=1618291978107 http://dpm.demdex.net/id/rd?d_visid_ver=4.5.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=1E4734FA53DAC2360A490D44%40AdobeOrg&d_nsid=0&ts=1618291978107	110 B 741 B	31ms 31ms	XHR application/json	34.251.60.147 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://dpm.demdex.net/id/rd?d_visid_ver=4.5.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=1E4734FA53DAC2360A490D44%40AdobeOrg&d_nsid=0&ts=1618291978107 Requested by Host: campaigndbs.com URL: http://campaigndbs.com/IB/Welcome/ Protocol HTTP/1.1 Server 34.251.60.147 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-251-60-147.eu-west-1.compute.amazonaws.com Software / Resource Hash `a56e82f34c03b1bed67b86e8b09d36303d6204eeb04b968f8fe38077753606ca` Request headers Referer http://campaigndbs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers DCS dcs-prod-irl1-v090-0c31a8b26.edge-irl1.demdex.com 5.80.7.20210304103356 0ms (+1ms) Pragma no-cache X-Error 172 X-TID 5ecTb5mQSnQ= Vary Origin, Accept-Encoding, User-Agent P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Access-Control-Allow-Origin http://campaigndbs.com Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json;charset=utf-8 Content-Length 110 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Pragma no-cache Access-Control-Allow-Origin http://campaigndbs.com X-TID fCsky6JMQFY= Vary Origin P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Location http://dpm.demdex.net/id/rd?d_visid_ver=4.5.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=1E4734FA53DAC2360A490D44%40AdobeOrg&d_nsid=0&ts=1618291978107 Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Access-Control-Allow-Credentials true Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	arka.png campaigndbs.com/IB/Welcome/	3 MB 3 MB	136ms 76ms	Image image/png	83.150.213.33 INTERNETBILISIM
General Check archive.org Show headers Download Go to Show image Full URL http://campaigndbs.com/IB/Welcome/arka.png Requested by Host: campaigndbs.com URL: http://campaigndbs.com/IB/Welcome/ Protocol HTTP/1.1 Server 83.150.213.33 , Turkey, ASN203576 (INTERNETBILISIM, TR), Reverse DNS ist3.internetbilisim.net Software LiteSpeed / Resource Hash `32d35b62494bc5faac382b625d39893a38ee6f8fdafc864e3217cd049bd519eb` Request headers Referer http://campaigndbs.com/IB/Welcome/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 13 Apr 2021 05:32:58 GMT Last-Modified Wed, 06 Jan 2021 20:46:22 GMT Server LiteSpeed Content-Type image/png Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 2941766 Expires Tue, 20 Apr 2021 05:32:58 GMT
GET H/1.1	404 Not Found	FrutigerNextPro-Medium.woff2 campaigndbs.com/IB/Welcome/fonts/frutiger-lt/	0 0	75ms 68ms	Font text/html	83.150.213.33 INTERNETBILISIM
General Check archive.org Show headers Download Go to Full URL http://campaigndbs.com/IB/Welcome/fonts/frutiger-lt/FrutigerNextPro-Medium.woff2 Requested by Host: campaigndbs.com URL: http://campaigndbs.com/IB/Welcome/index_files/language_login.css Protocol HTTP/1.1 Server 83.150.213.33 , Turkey, ASN203576 (INTERNETBILISIM, TR), Reverse DNS ist3.internetbilisim.net Software LiteSpeed / Resource Hash Request headers Origin http://campaigndbs.com Referer http://campaigndbs.com/IB/Welcome/index_files/language_login.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 13 Apr 2021 05:32:58 GMT Cache-Control private, no-cache, no-store, must-revalidate, max-age=0 Server LiteSpeed Connection Keep-Alive Content-Length 1237 Content-Type text/html
GET H/1.1	404 Not Found	frutigernextlt-light-webfont.woff campaigndbs.com/IB/Welcome/fonts/frutiger-lt/	0 0	123ms 76ms	Font text/html	83.150.213.33 INTERNETBILISIM
General Check archive.org Show headers Download Go to Full URL http://campaigndbs.com/IB/Welcome/fonts/frutiger-lt/frutigernextlt-light-webfont.woff Requested by Host: campaigndbs.com URL: http://campaigndbs.com/IB/Welcome/index_files/language_login.css Protocol HTTP/1.1 Server 83.150.213.33 , Turkey, ASN203576 (INTERNETBILISIM, TR), Reverse DNS ist3.internetbilisim.net Software LiteSpeed / Resource Hash Request headers Origin http://campaigndbs.com Referer http://campaigndbs.com/IB/Welcome/index_files/language_login.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 13 Apr 2021 05:32:58 GMT Cache-Control private, no-cache, no-store, must-revalidate, max-age=0 Server LiteSpeed Connection Keep-Alive Content-Length 1237 Content-Type text/html
GET H/1.1	404 Not Found	FrutigerNextPro-Medium.woff campaigndbs.com/IB/Welcome/fonts/frutiger-lt/	0 0	76ms 75ms	Font text/html	83.150.213.33 INTERNETBILISIM
General Check archive.org Show headers Download Go to Full URL http://campaigndbs.com/IB/Welcome/fonts/frutiger-lt/FrutigerNextPro-Medium.woff Requested by Host: campaigndbs.com URL: http://campaigndbs.com/IB/Welcome/index_files/language_login.css Protocol HTTP/1.1 Server 83.150.213.33 , Turkey, ASN203576 (INTERNETBILISIM, TR), Reverse DNS ist3.internetbilisim.net Software LiteSpeed / Resource Hash Request headers Origin http://campaigndbs.com Referer http://campaigndbs.com/IB/Welcome/index_files/language_login.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 13 Apr 2021 05:32:58 GMT Cache-Control private, no-cache, no-store, must-revalidate, max-age=0 Server LiteSpeed Connection Keep-Alive Content-Length 1237 Content-Type text/html
GET		id somniture.dbs.com.sg/	0 0

GET H/1.1	404 Not Found	frutigernextlt-light-webfont.ttf campaigndbs.com/IB/Welcome/fonts/frutiger-lt/	0 0	76ms 76ms	Font text/html	83.150.213.33 INTERNETBILISIM
General Check archive.org Show headers Download Go to Full URL http://campaigndbs.com/IB/Welcome/fonts/frutiger-lt/frutigernextlt-light-webfont.ttf Requested by Host: campaigndbs.com URL: http://campaigndbs.com/IB/Welcome/index_files/language_login.css Protocol HTTP/1.1 Server 83.150.213.33 , Turkey, ASN203576 (INTERNETBILISIM, TR), Reverse DNS ist3.internetbilisim.net Software LiteSpeed / Resource Hash Request headers Origin http://campaigndbs.com Referer http://campaigndbs.com/IB/Welcome/index_files/language_login.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 13 Apr 2021 05:32:58 GMT Cache-Control private, no-cache, no-store, must-revalidate, max-age=0 Server LiteSpeed Connection Keep-Alive Content-Length 1237 Content-Type text/html
GET H/1.1	404 Not Found	FrutigerNextPro-Medium.ttf campaigndbs.com/IB/Welcome/fonts/frutiger-lt/	0 0	77ms 77ms	Font text/html	83.150.213.33 INTERNETBILISIM
General Check archive.org Show headers Download Go to Full URL http://campaigndbs.com/IB/Welcome/fonts/frutiger-lt/FrutigerNextPro-Medium.ttf Requested by Host: campaigndbs.com URL: http://campaigndbs.com/IB/Welcome/index_files/language_login.css Protocol HTTP/1.1 Server 83.150.213.33 , Turkey, ASN203576 (INTERNETBILISIM, TR), Reverse DNS ist3.internetbilisim.net Software LiteSpeed / Resource Hash Request headers Origin http://campaigndbs.com Referer http://campaigndbs.com/IB/Welcome/index_files/language_login.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 13 Apr 2021 05:32:58 GMT Cache-Control private, no-cache, no-store, must-revalidate, max-age=0 Server LiteSpeed Connection Keep-Alive Content-Length 1237 Content-Type text/html
GET		id somniture.dbs.com.sg/	0 0

GET H/1.1	200 OK	id Show response dpm.demdex.net/	2 KB 2 KB	36ms 35ms	XHR application/json	34.251.60.147 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://dpm.demdex.net/id?d_visid_ver=4.5.2&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=1E4734FA53DAC2360A490D44%40AdobeOrg&d_nsid=0&d_mid=92011803617934203705215527398472801115&ts=1618291978335 Requested by Host: campaigndbs.com URL: http://campaigndbs.com/IB/Welcome/index_files/satelliteLib-e1e8c61fc2280cc6fb41b6644be1ca2dfdcf675d.js.indir Protocol HTTP/1.1 Server 34.251.60.147 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-251-60-147.eu-west-1.compute.amazonaws.com Software / Resource Hash `fca6f29e2c579b64e09c8ce411830657ce4107067dc0dd4b3648e49c745de571` Request headers Referer http://campaigndbs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers DCS dcs-prod-irl1-v090-0c9f150ff.edge-irl1.demdex.com 5.80.7.20210304103356 2ms (+1ms) Pragma no-cache Content-Encoding gzip X-TID dphBfELWRW4= Vary Origin, Accept-Encoding, User-Agent P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Access-Control-Allow-Origin http://campaigndbs.com Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json;charset=utf-8 Content-Length 847 Expires Thu, 01 Jan 1970 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: somniture.dbs.com.sg
URL: http://somniture.dbs.com.sg/id?d_visid_ver=4.5.2&d_fieldgroup=MC&mcorgid=1E4734FA53DAC2360A490D44%40AdobeOrg&ts=1618291978204

Domain: somniture.dbs.com.sg
URL: http://somniture.dbs.com.sg/id?d_visid_ver=4.5.2&d_fieldgroup=A&mcorgid=1E4734FA53DAC2360A490D44%40AdobeOrg&mid=92011803617934203705215527398472801115&ts=1618291978305

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DBS Bank (Banking)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.campaigndbs.com/	1969-12-31 23:59:59	Name: AMCVS_1E4734FA53DAC2360A490D44%40AdobeOrg Value: 1
campaigndbs.com/	1970-01-20 11:02:43	Name: _sdsat_lt_pages_viewed Value: 1
campaigndbs.com/	1969-12-31 23:59:59	Name: _sdsat_traffic_source Value:
campaigndbs.com/	1970-01-20 11:02:43	Name: _sdsat_session_count Value: 1
.campaigndbs.com/	1970-01-20 11:02:43	Name: AMCV_1E4734FA53DAC2360A490D44%40AdobeOrg Value: -432600572%7CMCMID%7C92011803617934203705215527398472801115%7CMCAID%7CNONE%7CMCAAMLH-1618896778%7C6%7CMCAAMB-1618896778%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCOPTOUT-1618299178s%7CNONE%7CvVersion%7C4.5.2
campaigndbs.com/	1969-12-31 23:59:59	Name: _sdsat_pages_viewed Value: 1
campaigndbs.com/	1969-12-31 23:59:59	Name: _sdsat_landing_page Value: http://campaigndbs.com/IB/Welcome/\|1618291978102

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://campaigndbs.com/IB/Welcome/index_files/jquery-migrate-3.0.1.js.indir(Line 48) Message: JQMIGRATE: Migrate is installed with logging active, version 3.0.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

campaigndbs.com
dpm.demdex.net
somniture.dbs.com.sg
somniture.dbs.com.sg
34.251.60.147
83.150.213.33
0193214fa8e6b4967207ae6e2e1658b604ac155f62b8e7bcee48ca01b58493ab
29fec9c270f9fd223ed07b0f05e949cf1a4c8713ed3ce7e8315fa3129c0b4d9e
32d35b62494bc5faac382b625d39893a38ee6f8fdafc864e3217cd049bd519eb
3ee370d63a91f74df6f2df9c1c78cea632530c83ae1e5f099cd7226db5e1a74c
670fa4ed164584483d1066b5304061089d05e467c12aa6ed18919f6fcf0d53fd
6cca86c2abcb72266e06a7adb60a3a75d73a092b69bb9732b6c0d1b169e0a35e
84c6613eaacd90987c20b8abd0d0bb660cb5c7e3a40ba97a49335f2fe90e65e1
85072496700e821fb8567e4591598e7818a7345d4d659f7a7bc4617fc286d3d8
8a95fa5d5b4515f001edb15cdae76fed491b81d751be3b1880824defcd349a52
8c8c6e364f6672ddd0c31af9ca9cfb26ad8638e1e096bdc8f90c31d23aaa8dfe
9e93a2a40b22900dfb76bf7898c95dec13e34fe47bb143bbc40210258a6d813a
a55b736b480d80200a8a4ed984ee3f9cbf59f8fa537cabb5606223a0396b1587
a56e82f34c03b1bed67b86e8b09d36303d6204eeb04b968f8fe38077753606ca
b31f234c2fc0eddea5124693681175208f106d0cd8db702b41f8095741e67428
bc8028a27be05f884d8be8027ad78e3130f6b0ec4a803a613b80c3edd3e27b9c
d715b2622a62ee581868e9dc9ad1799012bcd0c88c29827c7604967bed30018a
d8bbc58751585238a79d3cb19abb75d350d3246be6a455f96a61698e382e4c44
e6c707f4efa899287f41b5aa23282c3c330a1e94b71f85ffee62b91d8687af7e
e9d3d6ccbb9d997c7f6e6f46bb9acf3a3e7829f55f1c7daed478aa7d0bf68797
fca6f29e2c579b64e09c8ce411830657ce4107067dc0dd4b3648e49c745de571

campaigndbs.com Open in urlscan Pro 83.150.213.33 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

27 Requests

0 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

3537 kBTransfer

3559 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

7 Cookies

campaigndbs.com Open in urlscan Pro
83.150.213.33 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

0 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

3537 kB
Transfer

3559 kB
Size

7
Cookies

27 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!