infradel.com Open in urlscan Pro
64.37.52.138 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://infradel.com/usaa/usaa/att.html
Submission: On January 18 via automatic, source openphish (January 18th 2024, 1:12:58 am UTC) — Scanned from DE

Summary HTTP 23 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 23 HTTP transactions. The main IP is 64.37.52.138, located in United States and belongs to DIMENOC, US. The main domain is infradel.com.
TLS certificate: Issued by R3 on November 20th 2023. Valid for: 3 months.

This is the only time infradel.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: AT&T (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
1	64.37.52.138 64.37.52.138	33182 (DIMENOC) (DIMENOC)
16	93.190.41.98 93.190.41.98	6849 (UKRTELNET) (UKRTELNET)
23	3

1 64.37.52.138 (United States)

ASN33182 (DIMENOC, US)
PTR: sun.nsjet.com

infradel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 93.190.41.98 (Ukraine)

ASN6849 (UKRTELNET, UA)
PTR: server2.erahosting.net

veliki.kiev.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	veliki.kiev.ua veliki.kiev.ua	163 KB
1	infradel.com infradel.com	16 KB
23	2

	Domain	Requested by
16	veliki.kiev.ua	infradel.com veliki.kiev.ua
1	infradel.com
23	2

This site contains links to these domains. Also see Links.

Domain
identity.att.com
www.att.com
about.att.com

Subject Issuer	Validity	Valid
www.infradel.com R3	`2023-11-20` - `2024-02-18`	3 months	crt.sh
veliki.kiev.ua Certum Domain Validation CA SHA2	`2023-04-24` - `2024-04-23`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://infradel.com/usaa/usaa/att.html
Frame ID: 4FDFC44720858E8F0CE1A3C350603689
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login Screen

Page Statistics

23
Requests

74 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

180 kB
Transfer

179 kB
Size

0
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://identity.att.com/identity-ui/fid/lander?origination_point=tguard&trid=0fce4000f8ff2b5efad371b883047cb203aefbc9&appName=m40842&Return_URL=https%3A%2F%2Foidc.idp.clogin.att.com%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fnonce%3DLmypIN6KkB%26redirect_uri%3Dhttps%253A%252F%252Fatt-yahoo.att.net%252Fisam%252Fsps%252Foidc%252Frp%252FATT-HBO-RP%252Fredirect%252FYahoo%26response_type%3Did_token%26response_mode%3Dform_post%26state%3DXPWGm1bCvD%26scope%3Dopenid%26client_id%3Dm40842&Cancel_URL=https%3A%2F%2Foidc.idp.clogin.att.com%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fnonce%3DLmypIN6KkB%26redirect_uri%3Dhttps%253A%252F%252Fatt-yahoo.att.net%252Fisam%252Fsps%252Foidc%252Frp%252FATT-HBO-RP%252Fredirect%252FYahoo%26response_type%3Did_token%26response_mode%3Dform_post%26state%3DXPWGm1bCvD%26scope%3Dopenid%26client_id%3Dm40842&lang=en-us
Title: Forgot user ID?

Search URL Search Domain Scan URL

URL: https://identity.att.com/identity-ui/fpwd/lander?origination_point=tguard&trid=0fce4000f8ff2b5efad371b883047cb203aefbc9&appName=m40842&Return_URL=https%3A%2F%2Foidc.idp.clogin.att.com%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fnonce%3DLmypIN6KkB%26redirect_uri%3Dhttps%253A%252F%252Fatt-yahoo.att.net%252Fisam%252Fsps%252Foidc%252Frp%252FATT-HBO-RP%252Fredirect%252FYahoo%26response_type%3Did_token%26response_mode%3Dform_post%26state%3DXPWGm1bCvD%26scope%3Dopenid%26client_id%3Dm40842&Cancel_URL=https%3A%2F%2Foidc.idp.clogin.att.com%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fnonce%3DLmypIN6KkB%26redirect_uri%3Dhttps%253A%252F%252Fatt-yahoo.att.net%252Fisam%252Fsps%252Foidc%252Frp%252FATT-HBO-RP%252Fredirect%252FYahoo%26response_type%3Did_token%26response_mode%3Dform_post%26state%3DXPWGm1bCvD%26scope%3Dopenid%26client_id%3Dm40842&lang=en-us
Title: Forgot password?

Search URL Search Domain Scan URL

URL: https://www.att.com/acctmgmt/registration?origination_point=OP
Title: Create one now

Search URL Search Domain Scan URL

URL: https://www.att.com/legal/legal-policy-center.html
Title: Legal policy center

Search URL Search Domain Scan URL

URL: https://about.att.com/sites/privacy_policy
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://www.att.com/legal/terms.attWebsiteTermsOfUse.html
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://www.att.com/features/accessibility.html
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://about.att.com/csr/home/privacy/rights_choices.html
Title: Do not sell my personal information

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request att.html Show response infradel.com/usaa/usaa/	16 KB 16 KB	736ms 207ms	Document text/html	64.37.52.138 DIMENOC
General Check archive.org Show headers Download Go to Full URL https://infradel.com/usaa/usaa/att.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 64.37.52.138 , United States, ASN33182 (DIMENOC, US), Reverse DNS sun.nsjet.com Software Apache / Resource Hash `3519c0b6a17d8236ac1d58e12835a77b5991ee3316195b93c23954e92fe8124a` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Connection Keep-Alive Content-Length 16555 Content-Type text/html Date Thu, 18 Jan 2024 01:12:51 GMT Keep-Alive timeout=5, max=100 Last-Modified Sat, 13 May 2023 05:22:14 GMT Server Apache
GET H/1.1	404 Not Found	att_common_002.js veliki.kiev.ua/includes/css/	0 0	345ms 74ms	Script text/html	93.190.41.98 UKRTELNET
General Check archive.org Show headers Download Go to Full URL https://veliki.kiev.ua/includes/css/att_common_002.js Requested by Host: infradel.com URL: https://infradel.com/usaa/usaa/att.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 93.190.41.98 , Ukraine, ASN6849 (UKRTELNET, UA), Reverse DNS server2.erahosting.net Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://infradel.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers
GET H/1.1	404 Not Found	detm-container-hdr.js veliki.kiev.ua/includes/css/	0 0	317ms 66ms	Script text/html	93.190.41.98 UKRTELNET
General Check archive.org Show headers Download Go to Full URL https://veliki.kiev.ua/includes/css/detm-container-hdr.js Requested by Host: infradel.com URL: https://infradel.com/usaa/usaa/att.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 93.190.41.98 , Ukraine, ASN6849 (UKRTELNET, UA), Reverse DNS server2.erahosting.net Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://infradel.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers
GET H/1.1	404 Not Found	quantum-att-loader.js veliki.kiev.ua/includes/css/	0 0	219ms 72ms	Script text/html	93.190.41.98 UKRTELNET
General Check archive.org Show headers Download Go to Full URL https://veliki.kiev.ua/includes/css/quantum-att-loader.js Requested by Host: infradel.com URL: https://infradel.com/usaa/usaa/att.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 93.190.41.98 , Ukraine, ASN6849 (UKRTELNET, UA), Reverse DNS server2.erahosting.net Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://infradel.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers
GET H/1.1	404 Not Found	att_common.js veliki.kiev.ua/includes/css/	0 0	333ms 71ms	Script text/html	93.190.41.98 UKRTELNET
General Check archive.org Show headers Download Go to Full URL https://veliki.kiev.ua/includes/css/att_common.js Requested by Host: infradel.com URL: https://infradel.com/usaa/usaa/att.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 93.190.41.98 , Ukraine, ASN6849 (UKRTELNET, UA), Reverse DNS server2.erahosting.net Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://infradel.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers
GET H/1.1	404 Not Found	quantum-att.js veliki.kiev.ua/includes/css/	0 0	218ms 72ms	Script text/html	93.190.41.98 UKRTELNET
General Check archive.org Show headers Download Go to Full URL https://veliki.kiev.ua/includes/css/quantum-att.js Requested by Host: infradel.com URL: https://infradel.com/usaa/usaa/att.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 93.190.41.98 , Ukraine, ASN6849 (UKRTELNET, UA), Reverse DNS server2.erahosting.net Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://infradel.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers
GET H/1.1	404 Not Found	ssaf-uc.js veliki.kiev.ua/includes/css/	0 0	65ms 65ms	Script text/html	93.190.41.98 UKRTELNET
General Check archive.org Show headers Download Go to Full URL https://veliki.kiev.ua/includes/css/ssaf-uc.js Requested by Host: infradel.com URL: https://infradel.com/usaa/usaa/att.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 93.190.41.98 , Ukraine, ASN6849 (UKRTELNET, UA), Reverse DNS server2.erahosting.net Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://infradel.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers
GET H/1.1	404 Not Found	f.txt veliki.kiev.ua/includes/css/	0 0	337ms 72ms	Script text/html	93.190.41.98 UKRTELNET
General Check archive.org Show headers Download Go to Full URL https://veliki.kiev.ua/includes/css/f.txt Requested by Host: infradel.com URL: https://infradel.com/usaa/usaa/att.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 93.190.41.98 , Ukraine, ASN6849 (UKRTELNET, UA), Reverse DNS server2.erahosting.net Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://infradel.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers
GET H/1.1	404 Not Found	timeout.js veliki.kiev.ua/includes/css/	0 0	339ms 72ms	Script text/html	93.190.41.98 UKRTELNET
General Check archive.org Show headers Download Go to Full URL https://veliki.kiev.ua/includes/css/timeout.js Requested by Host: infradel.com URL: https://infradel.com/usaa/usaa/att.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 93.190.41.98 , Ukraine, ASN6849 (UKRTELNET, UA), Reverse DNS server2.erahosting.net Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://infradel.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers
GET H/1.1	200 OK	styles.css veliki.kiev.ua/includes/css/	154 KB 154 KB	379ms 130ms	Stylesheet text/css	93.190.41.98 UKRTELNET
General Check archive.org Show headers Download Go to Full URL https://veliki.kiev.ua/includes/css/styles.css Requested by Host: infradel.com URL: https://infradel.com/usaa/usaa/att.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 93.190.41.98 , Ukraine, ASN6849 (UKRTELNET, UA), Reverse DNS server2.erahosting.net Software nginx / Resource Hash `db8f928b76604c3c3411437b6df8dcd9017c21758430804a9f2db77f2ae88ffc` Request headers accept-language de-DE,de;q=0.9 Referer https://infradel.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Date Thu, 18 Jan 2024 01:12:52 GMT Last-Modified Tue, 18 Oct 2022 16:40:01 GMT Server nginx Connection keep-alive Accept-Ranges bytes Content-Length 157877 Content-Type text/css
GET H/1.1	200 OK	att-logo.svg veliki.kiev.ua/includes/css/	8 KB 8 KB	198ms 66ms	Image image/svg+xml	93.190.41.98 UKRTELNET
General Check archive.org Show headers Download Go to Show image Full URL https://veliki.kiev.ua/includes/css/att-logo.svg Requested by Host: infradel.com URL: https://infradel.com/usaa/usaa/att.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 93.190.41.98 , Ukraine, ASN6849 (UKRTELNET, UA), Reverse DNS server2.erahosting.net Software nginx / Resource Hash `6982fbe858e30068de9301b49438c83838bc7beb058146703b22b701e6709c7e` Request headers accept-language de-DE,de;q=0.9 Referer https://infradel.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Date Thu, 18 Jan 2024 01:12:52 GMT Last-Modified Tue, 18 Oct 2022 16:40:13 GMT Server nginx Connection keep-alive Accept-Ranges bytes Content-Length 8369 Content-Type image/svg+xml
GET H/1.1	200 OK	checkmark.svg veliki.kiev.ua/includes/css/	350 B 563 B	199ms 66ms	Image image/svg+xml	93.190.41.98 UKRTELNET
General Check archive.org Show headers Download Go to Show image Full URL https://veliki.kiev.ua/includes/css/checkmark.svg Requested by Host: infradel.com URL: https://infradel.com/usaa/usaa/att.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 93.190.41.98 , Ukraine, ASN6849 (UKRTELNET, UA), Reverse DNS server2.erahosting.net Software nginx / Resource Hash `b589ac98cac6d578082d9d2e8bb354abcab6f41f25a081a613227a37def44c9a` Request headers accept-language de-DE,de;q=0.9 Referer https://infradel.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Date Thu, 18 Jan 2024 01:12:52 GMT Last-Modified Tue, 18 Oct 2022 16:40:09 GMT Server nginx Connection keep-alive Accept-Ranges bytes Content-Length 350 Content-Type image/svg+xml
GET H/1.1	404 Not Found	runtime.js veliki.kiev.ua/includes/css/	0 0	66ms 66ms	Script text/html	93.190.41.98 UKRTELNET
General Check archive.org Show headers Download Go to Full URL https://veliki.kiev.ua/includes/css/runtime.js Requested by Host: infradel.com URL: https://infradel.com/usaa/usaa/att.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 93.190.41.98 , Ukraine, ASN6849 (UKRTELNET, UA), Reverse DNS server2.erahosting.net Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://infradel.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers
GET H/1.1	404 Not Found	polyfills.js veliki.kiev.ua/includes/css/	0 0	66ms 65ms	Script text/html	93.190.41.98 UKRTELNET
General Check archive.org Show headers Download Go to Full URL https://veliki.kiev.ua/includes/css/polyfills.js Requested by Host: infradel.com URL: https://infradel.com/usaa/usaa/att.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 93.190.41.98 , Ukraine, ASN6849 (UKRTELNET, UA), Reverse DNS server2.erahosting.net Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://infradel.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers
GET H/1.1	404 Not Found	vendor.js veliki.kiev.ua/includes/css/	0 0	196ms 65ms	Script text/html	93.190.41.98 UKRTELNET
General Check archive.org Show headers Download Go to Full URL https://veliki.kiev.ua/includes/css/vendor.js Requested by Host: infradel.com URL: https://infradel.com/usaa/usaa/att.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 93.190.41.98 , Ukraine, ASN6849 (UKRTELNET, UA), Reverse DNS server2.erahosting.net Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://infradel.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers
GET H/1.1	404 Not Found	main.js veliki.kiev.ua/includes/css/	0 0	201ms 66ms	Script text/html	93.190.41.98 UKRTELNET
General Check archive.org Show headers Download Go to Full URL https://veliki.kiev.ua/includes/css/main.js Requested by Host: infradel.com URL: https://infradel.com/usaa/usaa/att.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 93.190.41.98 , Ukraine, ASN6849 (UKRTELNET, UA), Reverse DNS server2.erahosting.net Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://infradel.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers
GET H/1.1	404 Not Found	detm-container-ftr.js veliki.kiev.ua/includes/css/	0 0	204ms 65ms	Script text/html	93.190.41.98 UKRTELNET
General Check archive.org Show headers Download Go to Full URL https://veliki.kiev.ua/includes/css/detm-container-ftr.js Requested by Host: infradel.com URL: https://infradel.com/usaa/usaa/att.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 93.190.41.98 , Ukraine, ASN6849 (UKRTELNET, UA), Reverse DNS server2.erahosting.net Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://infradel.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers
GET		ATTAleckSans_W_Rg.woff2 veliki.kiev.ua/includes/css/assets/fonts/att/ATTAleckSans/woff2/	0 0

GET		ATTAleckSans_W_Md.woff2 veliki.kiev.ua/includes/css/assets/fonts/att/ATTAleckSans/woff2/	0 0

GET		ATTAleckSans_W_Rg.woff veliki.kiev.ua/includes/css/assets/fonts/att/ATTAleckSans/woff/	0 0

GET		ATTAleckSans_W_Md.woff veliki.kiev.ua/includes/css/assets/fonts/att/ATTAleckSans/woff/	0 0

GET		ATTAleckSans_W_Rg.ttf veliki.kiev.ua/includes/css/assets/fonts/att/ATTAleckSans/ttf/	0 0

GET		ATTAleckSans_W_Md.ttf veliki.kiev.ua/includes/css/assets/fonts/att/ATTAleckSans/ttf/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: veliki.kiev.ua
URL: https://veliki.kiev.ua/includes/css/assets/fonts/att/ATTAleckSans/woff2/ATTAleckSans_W_Rg.woff2

Domain: veliki.kiev.ua
URL: https://veliki.kiev.ua/includes/css/assets/fonts/att/ATTAleckSans/woff2/ATTAleckSans_W_Md.woff2

Domain: veliki.kiev.ua
URL: https://veliki.kiev.ua/includes/css/assets/fonts/att/ATTAleckSans/woff/ATTAleckSans_W_Rg.woff

Domain: veliki.kiev.ua
URL: https://veliki.kiev.ua/includes/css/assets/fonts/att/ATTAleckSans/woff/ATTAleckSans_W_Md.woff

Domain: veliki.kiev.ua
URL: https://veliki.kiev.ua/includes/css/assets/fonts/att/ATTAleckSans/ttf/ATTAleckSans_W_Rg.ttf

Domain: veliki.kiev.ua
URL: https://veliki.kiev.ua/includes/css/assets/fonts/att/ATTAleckSans/ttf/ATTAleckSans_W_Md.ttf

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: AT&T (Telecommunication)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| detmScriptLoadType object| timeoutJspVars

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

25 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://veliki.kiev.ua/includes/css/detm-container-hdr.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://veliki.kiev.ua/includes/css/att_common.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://veliki.kiev.ua/includes/css/f.txt Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://veliki.kiev.ua/includes/css/timeout.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://veliki.kiev.ua/includes/css/att_common_002.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://veliki.kiev.ua/includes/css/detm-container-ftr.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://veliki.kiev.ua/includes/css/quantum-att-loader.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://veliki.kiev.ua/includes/css/quantum-att.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://veliki.kiev.ua/includes/css/ssaf-uc.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://veliki.kiev.ua/includes/css/runtime.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://veliki.kiev.ua/includes/css/polyfills.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	error	URL: https://infradel.com/usaa/usaa/att.html Message: Access to font at 'https://veliki.kiev.ua/includes/css/assets/fonts/att/ATTAleckSans/woff2/ATTAleckSans_W_Rg.woff2' from origin 'https://infradel.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://veliki.kiev.ua/includes/css/assets/fonts/att/ATTAleckSans/woff2/ATTAleckSans_W_Rg.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://infradel.com/usaa/usaa/att.html Message: Access to font at 'https://veliki.kiev.ua/includes/css/assets/fonts/att/ATTAleckSans/woff2/ATTAleckSans_W_Md.woff2' from origin 'https://infradel.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://veliki.kiev.ua/includes/css/assets/fonts/att/ATTAleckSans/woff2/ATTAleckSans_W_Md.woff2 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://veliki.kiev.ua/includes/css/vendor.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://veliki.kiev.ua/includes/css/main.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	error	URL: https://infradel.com/usaa/usaa/att.html Message: Access to font at 'https://veliki.kiev.ua/includes/css/assets/fonts/att/ATTAleckSans/woff/ATTAleckSans_W_Rg.woff' from origin 'https://infradel.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://veliki.kiev.ua/includes/css/assets/fonts/att/ATTAleckSans/woff/ATTAleckSans_W_Rg.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://infradel.com/usaa/usaa/att.html Message: Access to font at 'https://veliki.kiev.ua/includes/css/assets/fonts/att/ATTAleckSans/woff/ATTAleckSans_W_Md.woff' from origin 'https://infradel.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://veliki.kiev.ua/includes/css/assets/fonts/att/ATTAleckSans/woff/ATTAleckSans_W_Md.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://infradel.com/usaa/usaa/att.html Message: Access to font at 'https://veliki.kiev.ua/includes/css/assets/fonts/att/ATTAleckSans/ttf/ATTAleckSans_W_Rg.ttf' from origin 'https://infradel.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://veliki.kiev.ua/includes/css/assets/fonts/att/ATTAleckSans/ttf/ATTAleckSans_W_Rg.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://infradel.com/usaa/usaa/att.html Message: Access to font at 'https://veliki.kiev.ua/includes/css/assets/fonts/att/ATTAleckSans/ttf/ATTAleckSans_W_Md.ttf' from origin 'https://infradel.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://veliki.kiev.ua/includes/css/assets/fonts/att/ATTAleckSans/ttf/ATTAleckSans_W_Md.ttf Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

infradel.com
veliki.kiev.ua
veliki.kiev.ua
64.37.52.138
93.190.41.98
3519c0b6a17d8236ac1d58e12835a77b5991ee3316195b93c23954e92fe8124a
6982fbe858e30068de9301b49438c83838bc7beb058146703b22b701e6709c7e
b589ac98cac6d578082d9d2e8bb354abcab6f41f25a081a613227a37def44c9a
db8f928b76604c3c3411437b6df8dcd9017c21758430804a9f2db77f2ae88ffc

infradel.com Open in urlscan Pro 64.37.52.138 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

23 Requests

74 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

180 kBTransfer

179 kBSize

0 Cookies

8 Outgoing links

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

2 JavaScript Global Variables

0 Cookies

25 Console Messages

Indicators

infradel.com Open in urlscan Pro
64.37.52.138 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

74 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

180 kB
Transfer

179 kB
Size

0
Cookies

23 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!