mail.fizzionclean.com

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 1 HTTP transactions. The main IP is 68.178.230.42, located in United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is mail.fizzionclean.com.

This is the only time mail.fizzionclean.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: KeyBank (Banking)

Domain & IP information

	IP Address		AS Autonomous System
1	68.178.230.42 68.178.230.42		26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
1	2

1 68.178.230.42 (United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: 42.230.178.68.host.secureserver.net

mail.fizzionclean.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	fizzionclean.com mail.fizzionclean.com	103 KB
1	1

	Domain	Requested by
1	mail.fizzionclean.com
1	1

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://mail.fizzionclean.com/wp-content/plugins/press/keykeykey/Key/login/
Frame ID: 2509BEB9BB53643F02C52ED00700F026
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

KeyBank Online

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Page Statistics

1
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

178 kB
Transfer

259 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transactions
6 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response mail.fizzionclean.com/wp-content/plugins/press/keykeykey/Key/login/	167 KB 103 KB	493ms 204ms	Document text/html	68.178.230.42 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL http://mail.fizzionclean.com/wp-content/plugins/press/keykeykey/Key/login/ Protocol HTTP/1.1 Server 68.178.230.42 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS 42.230.178.68.host.secureserver.net Software Apache / Resource Hash `e2a5a698ec86c47a98369c8ae8be33eacc566f662b199b9b8864f20dd09de675` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Cache-Control max-age=7200 Connection Upgrade, Keep-Alive Content-Encoding gzip Content-Type text/html Date Thu, 10 Aug 2023 13:17:11 GMT ETag "6c056f-29bab-5cfe2969d4100-gzip" Expires Thu, 10 Aug 2023 15:17:11 GMT Keep-Alive timeout=5 Last-Modified Wed, 03 Nov 2021 13:43:00 GMT Server Apache Transfer-Encoding chunked Upgrade h2,h2c Vary Accept-Encoding X-Endurance-Cache-Level 0 X-nginx-cache WordPress
GET DATA	200 OK	truncated /	12 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `07eeecd82d157b4f6d4147ede1b838e77e5e772e74307a3f53cf9c4afdffa15e` Request headers accept-language de-DE,de;q=0.9 Referer http://mail.fizzionclean.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	6 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `4712701bf2f3b3b93bdfc9aa8c2c3e8dbdf6f3c4cbce9fc9a766c7cb5b281e5b` Request headers accept-language de-DE,de;q=0.9 Referer http://mail.fizzionclean.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	16 KB 16 KB		Font font/woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `43bbfdd5b050730da3162f0a7bb3fd4a0630bb5c85e5227df299824ce6efdfa4` Request headers Referer http://mail.fizzionclean.com/ Origin http://mail.fizzionclean.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Content-Type font/woff
GET DATA	200 OK	truncated /	21 KB 21 KB		Font font/woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `ddfd4b05469490c09cbeb9ad8a8ea32422f50ada7ec4b7a0fdcd5b5430c666f6` Request headers Referer http://mail.fizzionclean.com/ Origin http://mail.fizzionclean.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Content-Type font/woff
GET DATA	200 OK	truncated /	22 KB 22 KB		Font font/woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `a269939cfb4cf61f30a867d53d89e96698826070e0beb418bc0c267044be73ae` Request headers Referer http://mail.fizzionclean.com/ Origin http://mail.fizzionclean.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Content-Type font/woff
GET DATA	200 OK	truncated /	16 KB 16 KB		Font font/woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `e9175c083dd30b9aafd6339f49b57c47f11ff513fedf5574aeea52f34cb230a1` Request headers Referer http://mail.fizzionclean.com/ Origin http://mail.fizzionclean.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Content-Type font/woff

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: KeyBank (Banking)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

mail.fizzionclean.com
68.178.230.42
07eeecd82d157b4f6d4147ede1b838e77e5e772e74307a3f53cf9c4afdffa15e
43bbfdd5b050730da3162f0a7bb3fd4a0630bb5c85e5227df299824ce6efdfa4
4712701bf2f3b3b93bdfc9aa8c2c3e8dbdf6f3c4cbce9fc9a766c7cb5b281e5b
a269939cfb4cf61f30a867d53d89e96698826070e0beb418bc0c267044be73ae
ddfd4b05469490c09cbeb9ad8a8ea32422f50ada7ec4b7a0fdcd5b5430c666f6
e2a5a698ec86c47a98369c8ae8be33eacc566f662b199b9b8864f20dd09de675
e9175c083dd30b9aafd6339f49b57c47f11ff513fedf5574aeea52f34cb230a1

mail.fizzionclean.com Open in urlscan Pro 68.178.230.42 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

1 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

178 kBTransfer

259 kBSize

0 Cookies

0 Outgoing links

Redirected requests

1 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

0 Cookies

Indicators

mail.fizzionclean.com Open in urlscan Pro
68.178.230.42 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

1
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

178 kB
Transfer

259 kB
Size

0
Cookies

1 HTTP transactions
6 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!