att.akknds.one
Open in
urlscan Pro
155.94.128.159
Malicious Activity!
Public Scan
Effective URL: https://att.akknds.one/
Submission: On September 19 via manual from AU — Scanned from AU
Summary
TLS certificate: Issued by R3 on September 16th 2022. Valid for: 3 months.
This is the only time att.akknds.one was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: AT&T (Telecommunication)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 11 | 155.94.128.159 155.94.128.159 | 8100 (ASN-QUADR...) (ASN-QUADRANET-GLOBAL) | |
2 | 104.16.85.20 104.16.85.20 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 69.16.175.42 69.16.175.42 | 20446 (STACKPATH...) (STACKPATH-CDN) | |
13 | 3 |
ASN8100 (ASN-QUADRANET-GLOBAL, US)
PTR: unassigned.quadranet.com
att.akknds.one |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
akknds.one
1 redirects
att.akknds.one |
87 KB |
2 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 392 |
53 KB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 654 |
30 KB |
13 | 3 |
Domain | Requested by | |
---|---|---|
11 | att.akknds.one |
1 redirects
att.akknds.one
code.jquery.com |
2 | cdn.jsdelivr.net |
att.akknds.one
|
1 | code.jquery.com |
att.akknds.one
|
13 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
att.akknds.one R3 |
2022-09-16 - 2022-12-15 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-06-02 - 2023-06-01 |
a year | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2022-08-03 - 2023-07-14 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://att.akknds.one/
Frame ID: BEB5AC10897584A0F92EE2C291285201
Requests: 13 HTTP requests in this frame
Screenshot
Page Title
ATTPage URL History Show full URLs
-
http://att.akknds.one/
HTTP 301
https://att.akknds.one/ Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN) Expand
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://att.akknds.one/
HTTP 301
https://att.akknds.one/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
att.akknds.one/ Redirect Chain
|
10 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.2.1/dist/css/ |
191 KB 29 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
att.akknds.one/assets/css/ |
14 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mobile_style.css
att.akknds.one/assets/css/ |
354 B 298 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.6.1.min.js
code.jquery.com/ |
88 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.2.1/dist/js/ |
79 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
att.akknds.one/img/ |
38 KB 38 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
att-logo.svg
att.akknds.one/assets/images/ |
8 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
checkmark.svg
att.akknds.one/assets/images/ |
350 B 326 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ipChecker.js
att.akknds.one/js/ |
767 B 534 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ATTAleckSans_W_Rg.woff2
att.akknds.one/assets/fonts/ |
18 KB 18 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ATTAleckSans_W_Md.woff2
att.akknds.one/assets/fonts/ |
19 KB 19 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
checkIP.php
att.akknds.one/ |
1 B 172 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: AT&T (Telecommunication)13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery number| uidEvent object| bootstrap1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
att.akknds.one/ | Name: PHPSESSID Value: ui7erm1qt2nr6d11mffgqq1s62 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
att.akknds.one
cdn.jsdelivr.net
code.jquery.com
104.16.85.20
155.94.128.159
69.16.175.42
2933c96348a4eae7cbbf8f280ca0981586a9b5c097ef952b996cad7d28f2fad0
59ea63b5ffe0f060e37c24a44b6406943df9e4fca39e2ef43023c2ae9783f220
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
6982fbe858e30068de9301b49438c83838bc7beb058146703b22b701e6709c7e
79284e392de27fa7d9105101f87493e3a6c19615b44c31282765c77eb2177cb3
8f5899965224c4db463749c8f40026f436aaf85af4f82c44349513b12bca4c24
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a85b2fe307777c8eb47f06a1eec399fcbddfe83d252fd202d3e1358051fcf27d
b589ac98cac6d578082d9d2e8bb354abcab6f41f25a081a613227a37def44c9a
b84e900db3dadea01b39e2ebecced54b0db767164c20a57ada09a49ca03866f6
dd384707faad2ce4014e9b7f0c1207980ef97d19682db23209767dcf66b16fd2
de8c09c64f7783a50afea6d1754a1cdf8d2e6134847af5fed8e2a67af99231c9
e2740c7b209e33aca7176250d80f94b4924e5e5d18076ee3b95f32a0e20d1f58