www.att-prime.com
162.213.251.176
Malicious Activity!
Public Scan
Submission: On February 16 via api from US
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on February 6th 2021. Valid for: a year.
This is the only time www.att-prime.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: AT&T (Telecommunication)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
2 | 162.213.251.176 | 22612 (NAMECHEAP-NET) |
15 | 2001:1890:1c00:3221::4:1068 | 7018 (ATT-INTERNET4) |
23 | 3 |
ASN22612 (NAMECHEAP-NET, US)
PTR: business118-5.web-hosting.com
www.att-prime.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
15 | att.com | oidc.idp.elogin.att.com | 153 KB |
2 | att-prime.com | www.att-prime.com | 30 KB |
23 | 2 |
Requests | Domain | Requested by |
---|---|---|
15 | oidc.idp.elogin.att.com | www.att-prime.com, oidc.idp.elogin.att.com |
2 | www.att-prime.com | www.att-prime.com |
23 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
oidc.idp.elogin.att.com |
tw.okta.com |
www.e-access.att.com |
www.att.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
att-prime.com | Sectigo RSA Domain Validation Secure Server CA | 2021-02-06 - 2022-02-06 | a year |
oidc.idp.elogin.att.com | DigiCert SHA2 Secure Server CA | 2020-10-19 - 2021-11-19 | a year |
This page contains 1 frames:
Primary Page:
https://www.att-prime.com/
Frame ID: 0D9246FC3ACF6BD7959807C4FDB679D8
Requests: 23 HTTP requests in this frame
5 Outgoing links
These are links going to different origins than the main page.
Title: Click Here
Title: Log in here
Title: Update Security Profile
Title: Terms
Title: Privacy
Redirected requests
There were HTTP redirect chains for the following requests:
23 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | www.att-prime.com/ | 104 KB | 17 KB | Document | text/html |
GET | H/1.1 | main.css | oidc.idp.elogin.att.com/lrr/attLRR/resources/static/styles/ | 16 KB | 5 KB | Stylesheet | text/css |
GET | H/1.1 | fonts.css | oidc.idp.elogin.att.com/lrr/attLRR/resources/static/styles/ | 668 B | 622 B | Stylesheet | text/css |
GET | H/1.1 | cato.css | oidc.idp.elogin.att.com/lrr/attLRR/resources/static/styles/ | 240 B | 606 B | Stylesheet | text/css |
GET | H/1.1 | checkbox.css | oidc.idp.elogin.att.com/lrr/attLRR/resources/static/styles/ | 2 KB | 1 KB | Stylesheet | text/css |
GET | H/1.1 | jquery-1.12.4.min.js | oidc.idp.elogin.att.com/lrr/attLRR/resources/js/ | 95 KB | 95 KB | Script | application/javascript |
GET | H/1.1 | jquery.blockUI.js | oidc.idp.elogin.att.com/lrr/attLRR/resources/js/ | 10 KB | 10 KB | Script | application/javascript |
GET | H/1.1 | mk.js | oidc.idp.elogin.att.com/lrr/attLRR/resources/js/ | 9 KB | 10 KB | Script | application/javascript |
GET | H/1.1 | utilities.js | oidc.idp.elogin.att.com/lrr/attLRR/resources/js/ | 1 KB | 2 KB | Script | application/javascript |
GET | H2 | script.js | www.att-prime.com/ | 74 KB | 13 KB | Script | application/javascript |
GET | H/1.1 | backEndFunctions.js | oidc.idp.elogin.att.com/lrr/attLRR/resources/static/scripts/ | 7 KB | 7 KB | Script | application/javascript |
GET | H/1.1 | ie7.js | oidc.idp.elogin.att.com/lrr/attLRR/resources/js/ | 5 KB | 5 KB | Script | application/javascript |
GET | H/1.1 | att_logo_97x40.png | oidc.idp.elogin.att.com/lrr/attLRR/resources/images/ | 3 KB | 4 KB | Image | image/png |
GET | H/1.1 | GLO_Question_Icon.png | oidc.idp.elogin.att.com/lrr/attLRR/resources/images/ | 223 B | 624 B | Image | image/png |
GET | H/1.1 | flat_down_icon_rgb_blu_modified_12x12.png | oidc.idp.elogin.att.com/lrr/attLRR/resources/images/ | 623 B | 1 KB | Image | image/png |
GET | H/1.1 | flat_faq-reverse_icon_rgb_blu_modified_18x18.png | oidc.idp.elogin.att.com/lrr/attLRR/resources/images/ | 1023 B | 1 KB | Image | image/png |
GET | | ATTAleckSans_W_Rg.woff | oidc.idp.elogin.att.com/lrr/attLRR/resources/static/fonts/WOFF/ | 0 | 0 | | |
GET | H/1.1 | flat_check_icon_rgb_wht.png | oidc.idp.elogin.att.com/lrr/attLRR/resources/images/ | 9 KB | 10 KB | Image | image/png |
GET | | ATTAleckSans_W_Md.woff | oidc.idp.elogin.att.com/lrr/attLRR/resources/static/fonts/WOFF/ | 0 | 0 | | |
GET | | ATTAleckSans_W_Md.woff2 | oidc.idp.elogin.att.com/lrr/attLRR/resources/static/fonts/WOFF2/ | 0 | 0 | | |
GET | | ATTAleckSans_W_Rg.woff2 | oidc.idp.elogin.att.com/lrr/attLRR/resources/static/fonts/WOFF2/ | 0 | 0 | | |
GET | | ATTAleckSans_W_Md.ttf | oidc.idp.elogin.att.com/lrr/attLRR/resources/static/fonts/TTF/ | 0 | 0 | | |
GET | | ATTAleckSans_W_Rg.ttf | oidc.idp.elogin.att.com/lrr/attLRR/resources/static/fonts/TTF/ | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL |
---|---|
oidc.idp.elogin.att.com | https://oidc.idp.elogin.att.com/lrr/attLRR/resources/static/fonts/WOFF/ATTAleckSans_W_Rg.woff |
oidc.idp.elogin.att.com | https://oidc.idp.elogin.att.com/lrr/attLRR/resources/static/fonts/WOFF/ATTAleckSans_W_Md.woff |
oidc.idp.elogin.att.com | https://oidc.idp.elogin.att.com/lrr/attLRR/resources/static/fonts/WOFF2/ATTAleckSans_W_Md.woff2 |
oidc.idp.elogin.att.com | https://oidc.idp.elogin.att.com/lrr/attLRR/resources/static/fonts/WOFF2/ATTAleckSans_W_Rg.woff2 |
oidc.idp.elogin.att.com | https://oidc.idp.elogin.att.com/lrr/attLRR/resources/static/fonts/TTF/ATTAleckSans_W_Md.ttf |
oidc.idp.elogin.att.com | https://oidc.idp.elogin.att.com/lrr/attLRR/resources/static/fonts/TTF/ATTAleckSans_W_Rg.ttf |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: AT&T (Telecommunication)
243 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload; |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
oidc.idp.elogin.att.com
www.att-prime.com
oidc.idp.elogin.att.com
162.213.251.176
2001:1890:1c00:3221::4:1068