# att.jxdin.cc — MALICIOUS

> att.jxdin.cc is flagged for high-risk generic phishing activity. Avoid interaction and verify safety before visiting this domain. Stay protected online.

## Summary
PhishDestroy identifies att.jxdin.cc as a high-risk generic phishing domain. The domain exhibits behavior commonly associated with phishing attacks, aiming to deceive users into divulging sensitive information such as login credentials or financial data. Due to its malicious intent, users should be cautious and avoid any interaction with this site.

The domain att.jxdin.cc was registered through Gname.com Pte. Ltd. and created on January 26, 2026. It currently appears on one security blocklist and has been flagged by multiple security vendors for suspicious activities. The domain infrastructure is typical of phishing operations, designed to impersonate legitimate services to trick users. The combination of its recent creation date and detection by security systems underscores its suspicious nature.

At present, att.jxdin.cc is offline, indicating possible takedown or suspension following detection. Users are advised to avoid accessing this domain and remain vigilant about phishing attempts. Employing updated antivirus software, enabling multi-factor authentication, and verifying URLs before entering personal information are recommended steps to maintain online safety.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP 530)
- Page title: Holiday Deals 2025 | AT&T

## Domain Intelligence
- Registered: 2026-01-26 07:30:23
- Registrar: Gname.com Pte. Ltd.
- Country: SG
- IP: 172.67.179.220
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["A.SHARE-DNS.COM", "B.SHARE-DNS.NET"]
- SSL Issuer: WE1

## Detection Status
- VirusTotal: 16 vendors flagged
  Vendors: ["ADMINUSLabs", "Criminal IP", "alphaMountain.ai", "Chong Lua Dao", "Cluster25", "CRDF", "CyRadar", "Forcepoint ThreatSeeker", "Fortinet", "Gridinsoft", "Lionic", "Seclookup", "SOCRadar", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019bfd5f-85ba-77c8-9803-27640c67156a.png
- PhishDestroy: https://phishdestroy.io/domain/att.jxdin.cc/
- LLM endpoint: https://phishdestroy.io/domain/att.jxdin.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/att.jxdin.cc/
Last updated: 2026-03-19