fortunehotelsgroup.com
209.59.188.147  Malicious Activity! Public Scan

Submitted URL: http://fortunehotelsgroup.com/testing2/yeedddeeed?entity=60865
Effective URL: http://fortunehotelsgroup.com/testing2/yeedddeeed/?entity=60865
Submission: On December 14 via manual from IN — Scanned from DE

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 5 HTTP transactions. The main IP is 209.59.188.147, located in the United States, and belongs to LIQUIDWEB, US. The main domain is fortunehotelsgroup.com.
This is the only time fortunehotelsgroup.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bank of America (Banking)

Domain & IP information

IP Address | AS Autonomous System
1 6 209.59.188.147 | 32244 (LIQUIDWEB)
5 1

Apex Domain / Subdomains | Transfer
6 fortunehotelsgroup.com / fortunehotelsgroup.com | 70 KB
5 1

Domain | Requested by
6 fortunehotelsgroup.com (1 redirects) | fortunehotelsgroup.com
5 1

This site contains no links.

This page contains 1 frames:

Primary Page: http://fortunehotelsgroup.com/testing2/yeedddeeed/?entity=60865
Frame ID: EF09370B2DF9E06FAABC7971EC9A5183
Requests: 5 HTTP requests in this frame

Page Title

Sign In

Page Statistics

Requests: 5
HTTPS: 0 %
IPv6: 0 %
Domains: 1
Subdomains: 1
IPs: 1
Countries: 1
Transfer: 70 kB
Size: 69 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://fortunehotelsgroup.com/testing2/yeedddeeed?entity=60865 HTTP 301
    http://fortunehotelsgroup.com/testing2/yeedddeeed/?entity=60865 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type, MIME-Type

Primary Request: /
Path: fortunehotelsgroup.com/testing2/yeedddeeed/
Redirect Chain
  • http://fortunehotelsgroup.com/testing2/yeedddeeed?entity=60865
  • http://fortunehotelsgroup.com/testing2/yeedddeeed/?entity=60865
Size: 2 KB
x-fer: 2 KB
Type: Document

General

Full URL: http://fortunehotelsgroup.com/testing2/yeedddeeed/?entity=60865
Protocol: HTTP/1.1
Server: 209.59.188.147, United States, ASN32244 (LIQUIDWEB, US)
Reverse DNS: host.claimsxperts.com
Software: Apache / PHP/7.3.33
Resource Hash: 18fa3ea79e118fd11a02d621bff3ff3b2031ffac42d71cf882da4421b2d70f30

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Wed, 14 Dec 2022 17:50:15 GMT
Keep-Alive: timeout=2, max=499
Server: Apache
Transfer-Encoding: chunked
X-Powered-By: PHP/7.3.33

Redirect headers

Connection: Keep-Alive
Content-Length: 271
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 14 Dec 2022 17:50:15 GMT
Keep-Alive: timeout=2, max=500
Location: http://fortunehotelsgroup.com/testing2/yeedddeeed/?entity=60865
Server: Apache

Resource: d1.png
Path: fortunehotelsgroup.com/testing2/yeedddeeed/images/
Size: 31 KB
x-fer: 31 KB
Type: Image

General

Full URL: http://fortunehotelsgroup.com/testing2/yeedddeeed/images/d1.png
Requested by
  Host: fortunehotelsgroup.com
  URL: http://fortunehotelsgroup.com/testing2/yeedddeeed/?entity=60865
Protocol: HTTP/1.1
Server: 209.59.188.147, United States, ASN32244 (LIQUIDWEB, US)
Reverse DNS: host.claimsxperts.com
Software: Apache /
Resource Hash: 6ebb42bb07578c98aaa07692545abcc17401e51ad5373aa8bafac92ad6269801

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://fortunehotelsgroup.com/testing2/yeedddeeed/?entity=60865
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 17:50:15 GMT
Last-Modified: Thu, 17 Sep 2020 11:08:20 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=498
Content-Length: 31400

Resource: d2.png
Path: fortunehotelsgroup.com/testing2/yeedddeeed/images/
Size: 33 KB
x-fer: 33 KB
Type: Image

General

Full URL: http://fortunehotelsgroup.com/testing2/yeedddeeed/images/d2.png
Requested by
  Host: fortunehotelsgroup.com
  URL: http://fortunehotelsgroup.com/testing2/yeedddeeed/?entity=60865
Protocol: HTTP/1.1
Server: 209.59.188.147, United States, ASN32244 (LIQUIDWEB, US)
Reverse DNS: host.claimsxperts.com
Software: Apache /
Resource Hash: 66444a71beeae109f784882b33358b7ed6760c8cefe498753bb3c591664e748e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://fortunehotelsgroup.com/testing2/yeedddeeed/?entity=60865
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 17:50:15 GMT
Last-Modified: Thu, 17 Sep 2020 10:45:22 GMT
Server: Apache
Upgrade: h2
Content-Type: image/png
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=500
Content-Length: 33985

Resource: d3.png
Path: fortunehotelsgroup.com/testing2/yeedddeeed/images/
Size: 2 KB
x-fer: 2 KB
Type: Image

General

Full URL: http://fortunehotelsgroup.com/testing2/yeedddeeed/images/d3.png
Requested by
  Host: fortunehotelsgroup.com
  URL: http://fortunehotelsgroup.com/testing2/yeedddeeed/?entity=60865
Protocol: HTTP/1.1
Server: 209.59.188.147, United States, ASN32244 (LIQUIDWEB, US)
Reverse DNS: host.claimsxperts.com
Software: Apache /
Resource Hash: 7f19f7a6f23e1887b63c6e31e902995fc82b0d958d611eb7ae5222ceb94b3c30

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://fortunehotelsgroup.com/testing2/yeedddeeed/?entity=60865
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 17:50:15 GMT
Last-Modified: Thu, 17 Sep 2020 10:45:42 GMT
Server: Apache
Upgrade: h2
Content-Type: image/png
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=500
Content-Length: 2148

Resource: d4.png
Path: fortunehotelsgroup.com/testing2/yeedddeeed/images/
Size: 713 B
x-fer: 977 B
Type: Image

General

Full URL: http://fortunehotelsgroup.com/testing2/yeedddeeed/images/d4.png
Requested by
  Host: fortunehotelsgroup.com
  URL: http://fortunehotelsgroup.com/testing2/yeedddeeed/?entity=60865
Protocol: HTTP/1.1
Server: 209.59.188.147, United States, ASN32244 (LIQUIDWEB, US)
Reverse DNS: host.claimsxperts.com
Software: Apache /
Resource Hash: d30ff5cde28e3560e75a2be3d1a069687185ab79dd9bf0cd004bf69da7cb0646

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://fortunehotelsgroup.com/testing2/yeedddeeed/?entity=60865
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 17:50:15 GMT
Last-Modified: Thu, 17 Sep 2020 10:45:56 GMT
Server: Apache
Upgrade: h2
Content-Type: image/png
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=500
Content-Length: 713

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bank of America (Banking)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange

0 Cookies