www.fortuna.lk Open in urlscan Pro
207.45.187.89 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.fortuna.lk/DHL/billing.php
Submission: On November 18 via manual (November 18th 2023, 9:07:17 am UTC) from DZ — Scanned from DE

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 10 HTTP transactions. The main IP is 207.45.187.89, located in United States and belongs to ASACENET1, US. The main domain is www.fortuna.lk.
TLS certificate: Issued by R3 on November 15th 2023. Valid for: 3 months.

This is the only time www.fortuna.lk was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DHL (Transportation)

Domain & IP information

	IP Address		AS Autonomous System
10	207.45.187.89 207.45.187.89		22878 (ASACENET1) (ASACENET1)
10	1

10 207.45.187.89 (United States)

ASN22878 (ASACENET1, US)
PTR: fortunalanka.com

www.fortuna.lk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	fortuna.lk www.fortuna.lk	43 KB
10	1

	Domain	Requested by
10	www.fortuna.lk	www.fortuna.lk
10	1

This site contains no links.

Subject Issuer	Validity	Valid
*.fortuna.lk R3	`2023-11-15` - `2024-02-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.fortuna.lk/DHL/billing.php
Frame ID: D9E006816AE67F8BFF0C2710F88E24FE
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Pasaulinė logistika | Tarptautinis siuntimas | DHL | Lenkija

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

43 kB
Transfer

50 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request billing.php Show response
www.fortuna.lk/DHL/ 6 KB
2 KB 2055ms
1736ms Document
text/html 207.45.187.89
ASACENET1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fortuna.lk/DHL/billing.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

207.45.187.89 , United States, ASN22878 (ASACENET1, US),

Reverse DNS

fortunalanka.com

Software

Apache / PHP/7.4.33

Resource Hash

4b2b837703e4564ed6bbfa84852ac931a14e6e5f3f997e1a20e745374973131e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=2592000
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1518
Content-Type: text/html; charset=UTF-8
Date: Sat, 18 Nov 2023 09:07:11 GMT
Expires: Mon, 18 Dec 2023 09:07:11 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding,User-Agent
X-Powered-By: PHP/7.4.33

GET
H/1.1 200
OK header.css
www.fortuna.lk/DHL/css/ 6 KB
2 KB 121ms
120ms Stylesheet
text/css 207.45.187.89
ASACENET1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fortuna.lk/DHL/css/header.css

Requested by

Host: www.fortuna.lk
URL: https://www.fortuna.lk/DHL/billing.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

207.45.187.89 , United States, ASN22878 (ASACENET1, US),

Reverse DNS

fortunalanka.com

Software

Apache /

Resource Hash

e0cd60b4b91620fc5ea59d9a28c2509efca95e3981ea8f52733e5ec0c6123375

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fortuna.lk/DHL/billing.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sat, 18 Nov 2023 09:07:12 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
Last-Modified: Sat, 18 Nov 2023 09:06:33 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1334
Expires: Mon, 18 Dec 2023 09:07:12 GMT

GET
H/1.1 200
OK dhl-logo.svg
www.fortuna.lk/DHL/images/ 2 KB
1 KB 235ms
113ms Image
image/svg+xml 207.45.187.89
ASACENET1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortuna.lk/DHL/images/dhl-logo.svg

Requested by

Host: www.fortuna.lk
URL: https://www.fortuna.lk/DHL/billing.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

207.45.187.89 , United States, ASN22878 (ASACENET1, US),

Reverse DNS

fortunalanka.com

Software

Apache /

Resource Hash

362bcaa42090e36611031bec6bdaa0600375ef847092cca195c58d3bae9b4419

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fortuna.lk/DHL/billing.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sat, 18 Nov 2023 09:07:12 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
Last-Modified: Sat, 18 Nov 2023 09:06:33 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 722
Expires: Mon, 18 Dec 2023 09:07:12 GMT

GET
H/1.1 200
OK searchloupe.svg
www.fortuna.lk/DHL/images/ 329 B
663 B 337ms
116ms Image
image/svg+xml 207.45.187.89
ASACENET1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortuna.lk/DHL/images/searchloupe.svg

Requested by

Host: www.fortuna.lk
URL: https://www.fortuna.lk/DHL/billing.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

207.45.187.89 , United States, ASN22878 (ASACENET1, US),

Reverse DNS

fortunalanka.com

Software

Apache /

Resource Hash

fd85293d457b5dc514838dd7d5c7c1509a7eed60e23cb32ab9303666833eb98a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fortuna.lk/DHL/billing.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sat, 18 Nov 2023 09:07:13 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
Last-Modified: Sat, 18 Nov 2023 09:06:33 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 242
Expires: Mon, 18 Dec 2023 09:07:13 GMT

GET
H/1.1 200
OK headermobile.JPG
www.fortuna.lk/DHL/images/ 9 KB
9 KB 338ms
116ms Image
image/jpeg 207.45.187.89
ASACENET1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortuna.lk/DHL/images/headermobile.JPG

Requested by

Host: www.fortuna.lk
URL: https://www.fortuna.lk/DHL/billing.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

207.45.187.89 , United States, ASN22878 (ASACENET1, US),

Reverse DNS

fortunalanka.com

Software

Apache /

Resource Hash

c600aea2fa4dad3a13560e01bedf9e6c45db0571c3257d9e53e51c4f8fbbc41f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fortuna.lk/DHL/billing.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sat, 18 Nov 2023 09:07:13 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Sat, 18 Nov 2023 09:06:33 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 9061
Expires: Sun, 17 Nov 2024 09:07:13 GMT

GET
H/1.1 200
OK saba9m.JPG
www.fortuna.lk/DHL/images/ 8 KB
8 KB 338ms
116ms Image
image/jpeg 207.45.187.89
ASACENET1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortuna.lk/DHL/images/saba9m.JPG

Requested by

Host: www.fortuna.lk
URL: https://www.fortuna.lk/DHL/billing.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

207.45.187.89 , United States, ASN22878 (ASACENET1, US),

Reverse DNS

fortunalanka.com

Software

Apache /

Resource Hash

d1b64fb7749d0d3c905c5244660a21f3d8e29699457f2889274c8a717742b6c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fortuna.lk/DHL/billing.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sat, 18 Nov 2023 09:07:13 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Sat, 18 Nov 2023 09:06:33 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 7956
Expires: Sun, 17 Nov 2024 09:07:13 GMT

GET
H/1.1 200
OK customer.svg
www.fortuna.lk/DHL/images/ 2 KB
1 KB 347ms
113ms Image
image/svg+xml 207.45.187.89
ASACENET1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortuna.lk/DHL/images/customer.svg

Requested by

Host: www.fortuna.lk
URL: https://www.fortuna.lk/DHL/billing.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

207.45.187.89 , United States, ASN22878 (ASACENET1, US),

Reverse DNS

fortunalanka.com

Software

Apache /

Resource Hash

0c3950f8653400246636960456db609af841feb691e53911e763ee282616a390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fortuna.lk/DHL/billing.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sat, 18 Nov 2023 09:07:13 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
Last-Modified: Sat, 18 Nov 2023 09:06:33 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 757
Expires: Mon, 18 Dec 2023 09:07:13 GMT

GET
H/1.1 200
OK ssdsd.JPG
www.fortuna.lk/DHL/images/ 8 KB
8 KB 330ms
111ms Image
image/jpeg 207.45.187.89
ASACENET1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortuna.lk/DHL/images/ssdsd.JPG

Requested by

Host: www.fortuna.lk
URL: https://www.fortuna.lk/DHL/billing.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

207.45.187.89 , United States, ASN22878 (ASACENET1, US),

Reverse DNS

fortunalanka.com

Software

Apache /

Resource Hash

7dcdd04db64c3edd7e9868c6238b622d33caee1e7bdadbf2623d801109eefef1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fortuna.lk/DHL/billing.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sat, 18 Nov 2023 09:07:13 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Sat, 18 Nov 2023 09:06:33 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 7949
Expires: Sun, 17 Nov 2024 09:07:13 GMT

GET
H/1.1 200
OK feedback.png
www.fortuna.lk/DHL/images/ 2 KB
2 KB 210ms
119ms Image
image/png 207.45.187.89
ASACENET1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortuna.lk/DHL/images/feedback.png

Requested by

Host: www.fortuna.lk
URL: https://www.fortuna.lk/DHL/billing.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

207.45.187.89 , United States, ASN22878 (ASACENET1, US),

Reverse DNS

fortunalanka.com

Software

Apache /

Resource Hash

3221db8f898b88e467ebbb8ae155a37bd02087b3df197ad5c4ecead06db08cdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fortuna.lk/DHL/billing.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sat, 18 Nov 2023 09:07:13 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Sat, 18 Nov 2023 09:06:33 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1577
Expires: Sun, 17 Nov 2024 09:07:13 GMT

GET
H/1.1 200
OK socials.JPG
www.fortuna.lk/DHL/images/ 9 KB
9 KB 210ms
120ms Image
image/jpeg 207.45.187.89
ASACENET1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fortuna.lk/DHL/images/socials.JPG

Requested by

Host: www.fortuna.lk
URL: https://www.fortuna.lk/DHL/billing.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

207.45.187.89 , United States, ASN22878 (ASACENET1, US),

Reverse DNS

fortunalanka.com

Software

Apache /

Resource Hash

1ace605596027318737abeca712c7a0d6d76f753cf82affba37c3d2f44862ae4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fortuna.lk/DHL/billing.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sat, 18 Nov 2023 09:07:13 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Sat, 18 Nov 2023 09:06:33 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 9110
Expires: Sun, 17 Nov 2024 09:07:13 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DHL (Transportation)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| redirect

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.fortuna.lk
207.45.187.89
0c3950f8653400246636960456db609af841feb691e53911e763ee282616a390
1ace605596027318737abeca712c7a0d6d76f753cf82affba37c3d2f44862ae4
3221db8f898b88e467ebbb8ae155a37bd02087b3df197ad5c4ecead06db08cdf
362bcaa42090e36611031bec6bdaa0600375ef847092cca195c58d3bae9b4419
4b2b837703e4564ed6bbfa84852ac931a14e6e5f3f997e1a20e745374973131e
7dcdd04db64c3edd7e9868c6238b622d33caee1e7bdadbf2623d801109eefef1
c600aea2fa4dad3a13560e01bedf9e6c45db0571c3257d9e53e51c4f8fbbc41f
d1b64fb7749d0d3c905c5244660a21f3d8e29699457f2889274c8a717742b6c5
e0cd60b4b91620fc5ea59d9a28c2509efca95e3981ea8f52733e5ec0c6123375
fd85293d457b5dc514838dd7d5c7c1509a7eed60e23cb32ab9303666833eb98a

www.fortuna.lk Open in urlscan Pro 207.45.187.89 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

43 kBTransfer

50 kBSize

0 Cookies

0 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

2 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

www.fortuna.lk Open in urlscan Pro
207.45.187.89 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

43 kB
Transfer

50 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!