objectstorage.us-ashburn-1.oraclecloud.com
134.70.24.1  Malicious Activity! Public Scan

URL: https://objectstorage.us-ashburn-1.oraclecloud.com/n/idggio2oze0f/b/wuuwuuwwwwwwuuwwuuwworg/o/Att-Mail-Verification.html
Submission Tags: phishing
Submission: On November 28 via api from US — Scanned from US

Summary

This website contacted 2 IPs in 1 country across 1 domain to perform 1 HTTP transaction. The main IP is 134.70.24.1, located in Ashburn, United States, and belongs to ORACLE-BMC-31898, US. The main domain is objectstorage.us-ashburn-1.oraclecloud.com. The Cisco Umbrella rank of the primary domain is 57758.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on October 25th 2023. Valid for: a year.
This is the only time objectstorage.us-ashburn-1.oraclecloud.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: AT&T (Telecommunication)

Domain & IP information

IP Address AS Autonomous System
1 134.70.24.1 31898 (ORACLE-BM...)
1 2
Apex Domain
Subdomains
Transfer
1 oraclecloud.com
objectstorage.us-ashburn-1.oraclecloud.com — Cisco Umbrella Rank: 57758
157 KB
1 1
Domain Requested by
1 objectstorage.us-ashburn-1.oraclecloud.com
1 1

This site contains no links.

TLS certificate
Subject: objectstorage.us-ashburn-1.oraclecloud.com
Issuer: DigiCert Global G2 TLS RSA SHA256 2020 CA1
Validity: 2023-10-25 - 2024-10-25
Valid: a year

This page contains 1 frames:

Primary Page: https://objectstorage.us-ashburn-1.oraclecloud.com/n/idggio2oze0f/b/wuuwuuwwwwwwuuwwuuwworg/o/Att-Mail-Verification.html
Frame ID: F00A4B0F6BCFCF48EE8B7B928203412D
Requests: 5 HTTP requests in this frame

Page Title

Login Screen

Page Statistics

Requests: 1
HTTPS: 100 %
IPv6: 0 %
Domains: 1
Subdomains: 1
IPs: 2
Countries: 1
Transfer: 202 kB
Size: 210 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transaction

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Att-Mail-Verification.html
objectstorage.us-ashburn-1.oraclecloud.com/n/idggio2oze0f/b/wuuwuuwwwwwwuuwwuuwworg/o/
156 KB
157 KB
Document
General
Full URL
https://objectstorage.us-ashburn-1.oraclecloud.com/n/idggio2oze0f/b/wuuwuuwwwwwwuuwwuuwworg/o/Att-Mail-Verification.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.70.24.1 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
5bbbf4c830d12a480d3c2237a478e4f5fc6d4071b28fe41e6f1f618c3b00dc14

Request headers

Upgrade-Insecure-Requests
1
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language
en-US,en;q=0.9

Response headers

Content-Length
159757
Content-Type
text/html
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
content-md5
Qd0Tcl5QkZMy2Kx5OcD/cQ==
date
Tue, 28 Nov 2023 18:08:53 GMT
etag
dcaa2ef2-2cc3-4d2b-a0e3-99ce08102a42
last-modified
Tue, 28 Nov 2023 16:43:14 GMT
opc-request-id
iad-1:H6gClMF_28eez4z9kL2QpEv-Co4wQZJZRLgasSzmtTwMIVe7C17xiBdI7w4aYT9t
storage-tier
Standard
version-id
e644ec92-3641-4a9d-9c8e-2f1f4618f0d3
x-api-id
native
truncated
/
8 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6982fbe858e30068de9301b49438c83838bc7beb058146703b22b701e6709c7e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Content-Type
image/svg+xml
truncated
/
22 KB
22 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
07b3a3d0f02092988f8b70fa51992fa109b23bbc82638fc857dee5ee0e3ad5dc

Request headers

Referer
Origin
https://objectstorage.us-ashburn-1.oraclecloud.com
accept-language
en-US,en;q=0.9
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Content-Type
application/x-font-woff
truncated
/
373 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bde0c02c23f58bacdd0622f928446c1512fdc85d9c141ceabffd36aee8aba60c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Content-Type
image/svg+xml
truncated
/
23 KB
23 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3664f91baec63678fabaa2afa2411aa50292e47cacb796aaf7c862620698d11e

Request headers

Referer
Origin
https://objectstorage.us-ashburn-1.oraclecloud.com
accept-language
en-US,en;q=0.9
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Content-Type
application/x-font-woff

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: AT&T (Telecommunication)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture

0 Cookies