fidelitybalancedkmarketwatch.xyz Open in urlscan Pro
2606:4700:3036::6812:2949 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/index.html?ip=2601%3A282%3A1200%3A1d8%3A6593%3A8790%3A3ab0%3Aa8...
Submission: On October 10 via manual (October 10th 2020, 5:11:04 pm UTC) from US

Summary HTTP 14 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 14 HTTP transactions. The main IP is 2606:4700:3036::6812:2949, located in United States and belongs to CLOUDFLARENET, US. The main domain is fidelitybalancedkmarketwatch.xyz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 16th 2020. Valid for: a year.

This is the only time fidelitybalancedkmarketwatch.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

	IP Address		AS Autonomous System
14	2606:4700:303... 2606:4700:3036::6812:2949		13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	1

14 2606:4700:3036::6812:2949 (United States)

ASN13335 (CLOUDFLARENET, US)

fidelitybalancedkmarketwatch.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	fidelitybalancedkmarketwatch.xyz fidelitybalancedkmarketwatch.xyz	191 KB
14	1

	Domain	Requested by
14	fidelitybalancedkmarketwatch.xyz	fidelitybalancedkmarketwatch.xyz
14	1

This site contains links to these domains. Also see Links.

Domain
www.licantrums.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-16` - `2021-08-16`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/index.html?ip=2601%3A282%3A1200%3A1d8%3A6593%3A8790%3A3ab0%3Aa8f7&siteid=YjY0MTkxMTQ3MjIxMzA2NDk4MjQ5IzE2MDIzMzYyOTVANTk0N0BfZjk1YjcxNjJjYTc5NzE2MWM1MmY2NWRiYjMzZDJlY2U&trackid=202010101325033853
Frame ID: C98C46F38DB30B52AE09551DCB888298
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

14
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

191 kB
Transfer

305 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.licantrums.com/offer?trackid=202010101325033853
Title: Claim

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request index.html Show response fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/	33 KB 6 KB	248ms 203ms	Document text/html	2606:4700:3036::6812:2949 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/index.html?ip=2601%3A282%3A1200%3A1d8%3A6593%3A8790%3A3ab0%3Aa8f7&siteid=YjY0MTkxMTQ3MjIxMzA2NDk4MjQ5IzE2MDIzMzYyOTVANTk0N0BfZjk1YjcxNjJjYTc5NzE2MWM1MmY2NWRiYjMzZDJlY2U&trackid=202010101325033853 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6812:2949 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `dc0b10fa01d6f1e63c2fa289f9c69856ff5e453d5875c4db4480860f5cbe2abf` Request headers :method GET :authority fidelitybalancedkmarketwatch.xyz :scheme https :path /2f8afe0846fa71ec8025833c67979de5/index.html?ip=2601%3A282%3A1200%3A1d8%3A6593%3A8790%3A3ab0%3Aa8f7&siteid=YjY0MTkxMTQ3MjIxMzA2NDk4MjQ5IzE2MDIzMzYyOTVANTk0N0BfZjk1YjcxNjJjYTc5NzE2MWM1MmY2NWRiYjMzZDJlY2U&trackid=202010101325033853 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Sat, 10 Oct 2020 17:10:47 GMT content-type text/html set-cookie __cfduid=d8e89cc48b4f0b08c377834437357d90f1602349846; expires=Mon, 09-Nov-20 17:10:46 GMT; path=/; domain=.fidelitybalancedkmarketwatch.xyz; HttpOnly; SameSite=Lax cache-control no-cache cf-cache-status DYNAMIC cf-request-id 05b5176973000005bb33bc4200000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602349847"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 5e01f4ef1d4c05bb-FRA content-encoding br
GET H2	200	css.css fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/css/	2 KB 422 B	203ms 203ms	Stylesheet text/css	2606:4700:3036::6812:2949 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/css/css.css Requested by Host: fidelitybalancedkmarketwatch.xyz URL: https://fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/index.html?ip=2601%3A282%3A1200%3A1d8%3A6593%3A8790%3A3ab0%3Aa8f7&siteid=YjY0MTkxMTQ3MjIxMzA2NDk4MjQ5IzE2MDIzMzYyOTVANTk0N0BfZjk1YjcxNjJjYTc5NzE2MWM1MmY2NWRiYjMzZDJlY2U&trackid=202010101325033853 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6812:2949 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ed7da92a1bd3ca33ff7eb510a906749463c22ef746b49417d0dfa920c5ca4ea4` Request headers Referer https://fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/index.html?ip=2601%3A282%3A1200%3A1d8%3A6593%3A8790%3A3ab0%3Aa8f7&siteid=YjY0MTkxMTQ3MjIxMzA2NDk4MjQ5IzE2MDIzMzYyOTVANTk0N0BfZjk1YjcxNjJjYTc5NzE2MWM1MmY2NWRiYjMzZDJlY2U&trackid=202010101325033853 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 10 Oct 2020 17:10:47 GMT content-encoding br cf-cache-status MISS last-modified 1597130076 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602349847"}],"group":"cf-nel","max_age":604800} content-type text/css status 200 cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 5e01f4f0691505bb-FRA cf-request-id 05b5176a45000005bb33bd5200000001
GET H2	200	style.css fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/css/	15 KB 3 KB	202ms 201ms	Stylesheet text/css	2606:4700:3036::6812:2949 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/css/style.css Requested by Host: fidelitybalancedkmarketwatch.xyz URL: https://fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/index.html?ip=2601%3A282%3A1200%3A1d8%3A6593%3A8790%3A3ab0%3Aa8f7&siteid=YjY0MTkxMTQ3MjIxMzA2NDk4MjQ5IzE2MDIzMzYyOTVANTk0N0BfZjk1YjcxNjJjYTc5NzE2MWM1MmY2NWRiYjMzZDJlY2U&trackid=202010101325033853 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6812:2949 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f07e75a4304c01966324c065223ee261347963e4e0e286b0f5c86d5b881ca231` Request headers Referer https://fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/index.html?ip=2601%3A282%3A1200%3A1d8%3A6593%3A8790%3A3ab0%3Aa8f7&siteid=YjY0MTkxMTQ3MjIxMzA2NDk4MjQ5IzE2MDIzMzYyOTVANTk0N0BfZjk1YjcxNjJjYTc5NzE2MWM1MmY2NWRiYjMzZDJlY2U&trackid=202010101325033853 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 10 Oct 2020 17:10:47 GMT content-encoding br cf-cache-status MISS last-modified 1597130076 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602349847"}],"group":"cf-nel","max_age":604800} content-type text/css status 200 cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 5e01f4f0791a05bb-FRA cf-request-id 05b5176a46000005bb33bd6200000001
GET H2	200	2000px-Comcast_Logo.svg.png fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/img/	68 KB 68 KB	387ms 385ms	Image image/png	2606:4700:3036::6812:2949 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/img/2000px-Comcast_Logo.svg.png Requested by Host: fidelitybalancedkmarketwatch.xyz URL: https://fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/index.html?ip=2601%3A282%3A1200%3A1d8%3A6593%3A8790%3A3ab0%3Aa8f7&siteid=YjY0MTkxMTQ3MjIxMzA2NDk4MjQ5IzE2MDIzMzYyOTVANTk0N0BfZjk1YjcxNjJjYTc5NzE2MWM1MmY2NWRiYjMzZDJlY2U&trackid=202010101325033853 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6812:2949 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `83eb2c57b7045a330da65315231bd3a6c6f79dcf961bf96116ca6f78cd2d4a18` Request headers Referer https://fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/index.html?ip=2601%3A282%3A1200%3A1d8%3A6593%3A8790%3A3ab0%3Aa8f7&siteid=YjY0MTkxMTQ3MjIxMzA2NDk4MjQ5IzE2MDIzMzYyOTVANTk0N0BfZjk1YjcxNjJjYTc5NzE2MWM1MmY2NWRiYjMzZDJlY2U&trackid=202010101325033853 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 10 Oct 2020 17:10:47 GMT cf-cache-status MISS last-modified 1597130076 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602349847"}],"group":"cf-nel","max_age":604800} content-type image/png status 200 cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 5e01f4f0793005bb-FRA content-length 69874 cf-request-id 05b5176a4b000005bb33bda200000001
GET H2	200	iphone-11pro.png fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/img/	20 KB 20 KB	296ms 294ms	Image image/png	2606:4700:3036::6812:2949 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/img/iphone-11pro.png Requested by Host: fidelitybalancedkmarketwatch.xyz URL: https://fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/index.html?ip=2601%3A282%3A1200%3A1d8%3A6593%3A8790%3A3ab0%3Aa8f7&siteid=YjY0MTkxMTQ3MjIxMzA2NDk4MjQ5IzE2MDIzMzYyOTVANTk0N0BfZjk1YjcxNjJjYTc5NzE2MWM1MmY2NWRiYjMzZDJlY2U&trackid=202010101325033853 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6812:2949 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a8623ba93a525f8a6502568774bb9b4962a9f4f503e858f9fcd3d39471b5929d` Request headers Referer https://fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/index.html?ip=2601%3A282%3A1200%3A1d8%3A6593%3A8790%3A3ab0%3Aa8f7&siteid=YjY0MTkxMTQ3MjIxMzA2NDk4MjQ5IzE2MDIzMzYyOTVANTk0N0BfZjk1YjcxNjJjYTc5NzE2MWM1MmY2NWRiYjMzZDJlY2U&trackid=202010101325033853 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 10 Oct 2020 17:10:47 GMT cf-cache-status MISS last-modified 1597130076 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602349847"}],"group":"cf-nel","max_age":604800} content-type image/png status 200 cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 5e01f4f0793105bb-FRA content-length 20865 cf-request-id 05b5176a4b000005bb33bdb200000001
GET H2	200	samsung-s20.png fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/img/	43 KB 43 KB	389ms 388ms	Image image/png	2606:4700:3036::6812:2949 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/img/samsung-s20.png Requested by Host: fidelitybalancedkmarketwatch.xyz URL: https://fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/index.html?ip=2601%3A282%3A1200%3A1d8%3A6593%3A8790%3A3ab0%3Aa8f7&siteid=YjY0MTkxMTQ3MjIxMzA2NDk4MjQ5IzE2MDIzMzYyOTVANTk0N0BfZjk1YjcxNjJjYTc5NzE2MWM1MmY2NWRiYjMzZDJlY2U&trackid=202010101325033853 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6812:2949 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0e4fa1b2ffb54dc29aa2e13514ca913a1a7286353be137456729787fbcbf7beb` Request headers Referer https://fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/index.html?ip=2601%3A282%3A1200%3A1d8%3A6593%3A8790%3A3ab0%3Aa8f7&siteid=YjY0MTkxMTQ3MjIxMzA2NDk4MjQ5IzE2MDIzMzYyOTVANTk0N0BfZjk1YjcxNjJjYTc5NzE2MWM1MmY2NWRiYjMzZDJlY2U&trackid=202010101325033853 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 10 Oct 2020 17:10:47 GMT cf-cache-status MISS last-modified 1597130076 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602349847"}],"group":"cf-nel","max_age":604800} content-type image/png status 200 cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 5e01f4f0793205bb-FRA content-length 44391 cf-request-id 05b5176a4b000005bb33bdc200000001
GET H2	200	walmart.png fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/img/	12 KB 12 KB	204ms 202ms	Image image/png	2606:4700:3036::6812:2949 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/img/walmart.png Requested by Host: fidelitybalancedkmarketwatch.xyz URL: https://fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/index.html?ip=2601%3A282%3A1200%3A1d8%3A6593%3A8790%3A3ab0%3Aa8f7&siteid=YjY0MTkxMTQ3MjIxMzA2NDk4MjQ5IzE2MDIzMzYyOTVANTk0N0BfZjk1YjcxNjJjYTc5NzE2MWM1MmY2NWRiYjMzZDJlY2U&trackid=202010101325033853 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6812:2949 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `adf2ffbb950f57be7808e57b9977d4b2e72e94bc31b3217f99e44688be33e2b7` Request headers Referer https://fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/index.html?ip=2601%3A282%3A1200%3A1d8%3A6593%3A8790%3A3ab0%3Aa8f7&siteid=YjY0MTkxMTQ3MjIxMzA2NDk4MjQ5IzE2MDIzMzYyOTVANTk0N0BfZjk1YjcxNjJjYTc5NzE2MWM1MmY2NWRiYjMzZDJlY2U&trackid=202010101325033853 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 10 Oct 2020 17:10:47 GMT cf-cache-status MISS last-modified 1597130076 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602349847"}],"group":"cf-nel","max_age":604800} content-type image/png status 200 cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 5e01f4f0793305bb-FRA content-length 12684 cf-request-id 05b5176a4b000005bb33bdd200000001
GET H2	200	disqus_hr.gif fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/img/	90 B 184 B	205ms 204ms	Image image/gif	2606:4700:3036::6812:2949 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/img/disqus_hr.gif Requested by Host: fidelitybalancedkmarketwatch.xyz URL: https://fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/index.html?ip=2601%3A282%3A1200%3A1d8%3A6593%3A8790%3A3ab0%3Aa8f7&siteid=YjY0MTkxMTQ3MjIxMzA2NDk4MjQ5IzE2MDIzMzYyOTVANTk0N0BfZjk1YjcxNjJjYTc5NzE2MWM1MmY2NWRiYjMzZDJlY2U&trackid=202010101325033853 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6812:2949 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `afe0c709cf4b479c6c621957b265236e04898760fde3bb29939db4afef4d13c0` Request headers Referer https://fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/index.html?ip=2601%3A282%3A1200%3A1d8%3A6593%3A8790%3A3ab0%3Aa8f7&siteid=YjY0MTkxMTQ3MjIxMzA2NDk4MjQ5IzE2MDIzMzYyOTVANTk0N0BfZjk1YjcxNjJjYTc5NzE2MWM1MmY2NWRiYjMzZDJlY2U&trackid=202010101325033853 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 10 Oct 2020 17:10:47 GMT cf-cache-status MISS last-modified 1597130076 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602349847"}],"group":"cf-nel","max_age":604800} content-type image/gif status 200 cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 5e01f4f0793505bb-FRA content-length 90 cf-request-id 05b5176a4b000005bb33bde200000001
GET H2	200	loader2.gif fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/img/	2 KB 2 KB	208ms 207ms	Image image/gif	2606:4700:3036::6812:2949 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/img/loader2.gif Requested by Host: fidelitybalancedkmarketwatch.xyz URL: https://fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/index.html?ip=2601%3A282%3A1200%3A1d8%3A6593%3A8790%3A3ab0%3Aa8f7&siteid=YjY0MTkxMTQ3MjIxMzA2NDk4MjQ5IzE2MDIzMzYyOTVANTk0N0BfZjk1YjcxNjJjYTc5NzE2MWM1MmY2NWRiYjMzZDJlY2U&trackid=202010101325033853 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6812:2949 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `81f8c055e3b99087883460c942b82d796fe5d2512101511e85d395b7a1690738` Request headers Referer https://fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/index.html?ip=2601%3A282%3A1200%3A1d8%3A6593%3A8790%3A3ab0%3Aa8f7&siteid=YjY0MTkxMTQ3MjIxMzA2NDk4MjQ5IzE2MDIzMzYyOTVANTk0N0BfZjk1YjcxNjJjYTc5NzE2MWM1MmY2NWRiYjMzZDJlY2U&trackid=202010101325033853 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 10 Oct 2020 17:10:47 GMT cf-cache-status MISS last-modified 1597130076 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602349847"}],"group":"cf-nel","max_age":604800} content-type image/gif status 200 cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 5e01f4f0793605bb-FRA content-length 1818 cf-request-id 05b5176a4b000005bb33bdf200000001
GET H2	200	sweet-alert.css fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/css/	9 KB 2 KB	207ms 205ms	Stylesheet text/css	2606:4700:3036::6812:2949 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/css/sweet-alert.css Requested by Host: fidelitybalancedkmarketwatch.xyz URL: https://fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/index.html?ip=2601%3A282%3A1200%3A1d8%3A6593%3A8790%3A3ab0%3Aa8f7&siteid=YjY0MTkxMTQ3MjIxMzA2NDk4MjQ5IzE2MDIzMzYyOTVANTk0N0BfZjk1YjcxNjJjYTc5NzE2MWM1MmY2NWRiYjMzZDJlY2U&trackid=202010101325033853 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6812:2949 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a53c3f6eae8bc0eb63be57ad60bef7cba48c52cf2783b0f24d9eabafc98b6ba4` Request headers Referer https://fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/index.html?ip=2601%3A282%3A1200%3A1d8%3A6593%3A8790%3A3ab0%3Aa8f7&siteid=YjY0MTkxMTQ3MjIxMzA2NDk4MjQ5IzE2MDIzMzYyOTVANTk0N0BfZjk1YjcxNjJjYTc5NzE2MWM1MmY2NWRiYjMzZDJlY2U&trackid=202010101325033853 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 10 Oct 2020 17:10:47 GMT content-encoding br cf-cache-status MISS last-modified 1597130076 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602349847"}],"group":"cf-nel","max_age":604800} content-type text/css status 200 cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 5e01f4f0792c05bb-FRA cf-request-id 05b5176a4b000005bb33bd7200000001
GET H2	200	jquery.min.js Show response fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/js/	82 KB 28 KB	297ms 295ms	Script application/javascript	2606:4700:3036::6812:2949 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/js/jquery.min.js Requested by Host: fidelitybalancedkmarketwatch.xyz URL: https://fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/index.html?ip=2601%3A282%3A1200%3A1d8%3A6593%3A8790%3A3ab0%3Aa8f7&siteid=YjY0MTkxMTQ3MjIxMzA2NDk4MjQ5IzE2MDIzMzYyOTVANTk0N0BfZjk1YjcxNjJjYTc5NzE2MWM1MmY2NWRiYjMzZDJlY2U&trackid=202010101325033853 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6812:2949 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5` Request headers Referer https://fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/index.html?ip=2601%3A282%3A1200%3A1d8%3A6593%3A8790%3A3ab0%3Aa8f7&siteid=YjY0MTkxMTQ3MjIxMzA2NDk4MjQ5IzE2MDIzMzYyOTVANTk0N0BfZjk1YjcxNjJjYTc5NzE2MWM1MmY2NWRiYjMzZDJlY2U&trackid=202010101325033853 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 10 Oct 2020 17:10:47 GMT content-encoding br cf-cache-status MISS last-modified 1597130076 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602349847"}],"group":"cf-nel","max_age":604800} content-type application/javascript status 200 cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 5e01f4f0792e05bb-FRA cf-request-id 05b5176a4b000005bb33bd8200000001
GET H2	200	script.js Show response fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/js/	2 KB 598 B	218ms 216ms	Script application/javascript	2606:4700:3036::6812:2949 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/js/script.js Requested by Host: fidelitybalancedkmarketwatch.xyz URL: https://fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/index.html?ip=2601%3A282%3A1200%3A1d8%3A6593%3A8790%3A3ab0%3Aa8f7&siteid=YjY0MTkxMTQ3MjIxMzA2NDk4MjQ5IzE2MDIzMzYyOTVANTk0N0BfZjk1YjcxNjJjYTc5NzE2MWM1MmY2NWRiYjMzZDJlY2U&trackid=202010101325033853 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6812:2949 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4f940fbbdf2ff183f93c3093c1a49ad8e4f7ba52ffde09b071d94bd8fa66dc5f` Request headers Referer https://fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/index.html?ip=2601%3A282%3A1200%3A1d8%3A6593%3A8790%3A3ab0%3Aa8f7&siteid=YjY0MTkxMTQ3MjIxMzA2NDk4MjQ5IzE2MDIzMzYyOTVANTk0N0BfZjk1YjcxNjJjYTc5NzE2MWM1MmY2NWRiYjMzZDJlY2U&trackid=202010101325033853 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 10 Oct 2020 17:10:47 GMT content-encoding br cf-cache-status MISS last-modified 1597130076 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602349847"}],"group":"cf-nel","max_age":604800} content-type application/javascript status 200 cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 5e01f4f0792f05bb-FRA cf-request-id 05b5176a4b000005bb33bd9200000001
GET H2	200	style.css fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/css/	15 KB 3 KB	200ms 199ms	Font text/css	2606:4700:3036::6812:2949 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/css/style.css Requested by Host: fidelitybalancedkmarketwatch.xyz URL: https://fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6812:2949 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f07e75a4304c01966324c065223ee261347963e4e0e286b0f5c86d5b881ca231` Request headers Origin https://fidelitybalancedkmarketwatch.xyz Referer https://fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/css/style.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 10 Oct 2020 17:10:47 GMT content-encoding br cf-cache-status MISS last-modified 1597130076 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602349848"}],"group":"cf-nel","max_age":604800} content-type text/css status 200 cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 5e01f4f1bd8e05bb-FRA cf-request-id 05b5176b17000005bb33bf2200000001
GET H2	200	css.css fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/css/	2 KB 422 B	206ms 205ms	Font text/css	2606:4700:3036::6812:2949 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/css/css.css Requested by Host: fidelitybalancedkmarketwatch.xyz URL: https://fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/css/css.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6812:2949 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ed7da92a1bd3ca33ff7eb510a906749463c22ef746b49417d0dfa920c5ca4ea4` Request headers Origin https://fidelitybalancedkmarketwatch.xyz Referer https://fidelitybalancedkmarketwatch.xyz/2f8afe0846fa71ec8025833c67979de5/css/css.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 10 Oct 2020 17:10:47 GMT content-encoding br cf-cache-status MISS last-modified 1597130076 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602349848"}],"group":"cf-nel","max_age":604800} content-type text/css status 200 cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 5e01f4f1cda205bb-FRA cf-request-id 05b5176b1a000005bb33bf4200000001

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.fidelitybalancedkmarketwatch.xyz/	1970-01-19 13:49:01	Name: __cfduid Value: d8e89cc48b4f0b08c377834437357d90f1602349846

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fidelitybalancedkmarketwatch.xyz
2606:4700:3036::6812:2949
0e4fa1b2ffb54dc29aa2e13514ca913a1a7286353be137456729787fbcbf7beb
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
4f940fbbdf2ff183f93c3093c1a49ad8e4f7ba52ffde09b071d94bd8fa66dc5f
81f8c055e3b99087883460c942b82d796fe5d2512101511e85d395b7a1690738
83eb2c57b7045a330da65315231bd3a6c6f79dcf961bf96116ca6f78cd2d4a18
a53c3f6eae8bc0eb63be57ad60bef7cba48c52cf2783b0f24d9eabafc98b6ba4
a8623ba93a525f8a6502568774bb9b4962a9f4f503e858f9fcd3d39471b5929d
adf2ffbb950f57be7808e57b9977d4b2e72e94bc31b3217f99e44688be33e2b7
afe0c709cf4b479c6c621957b265236e04898760fde3bb29939db4afef4d13c0
dc0b10fa01d6f1e63c2fa289f9c69856ff5e453d5875c4db4480860f5cbe2abf
ed7da92a1bd3ca33ff7eb510a906749463c22ef746b49417d0dfa920c5ca4ea4
f07e75a4304c01966324c065223ee261347963e4e0e286b0f5c86d5b881ca231

fidelitybalancedkmarketwatch.xyz Open in urlscan Pro 2606:4700:3036::6812:2949 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

191 kBTransfer

305 kBSize

1 Cookies

1 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

18 JavaScript Global Variables

1 Cookies

Indicators

fidelitybalancedkmarketwatch.xyz Open in urlscan Pro
2606:4700:3036::6812:2949 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

191 kB
Transfer

305 kB
Size

1
Cookies

14 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!