www.oidc.idp.elogin.att.cx
Open in
urlscan Pro
143.244.172.31
Malicious Activity!
Public Scan
Submission Tags: phishing
Submission: On June 18 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on June 18th 2022. Valid for: 3 months.
This is the only time www.oidc.idp.elogin.att.cx was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: AT&T (Telecommunication)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
26 | 143.244.172.31 143.244.172.31 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
26 | 1 |
ASN14061 (DIGITALOCEAN-ASN, US)
www.oidc.idp.elogin.att.cx |
Apex Domain Subdomains |
Transfer | |
---|---|---|
26 |
att.cx
www.oidc.idp.elogin.att.cx |
996 KB |
26 | 1 |
Domain | Requested by | |
---|---|---|
26 | www.oidc.idp.elogin.att.cx |
www.oidc.idp.elogin.att.cx
|
26 | 1 |
This site contains links to these domains. Also see Links.
Domain |
---|
oidc.idp.elogin.att.com |
www.e-access.att.com |
www.att.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
oidc.idp.elogin.att.cx R3 |
2022-06-18 - 2022-09-16 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.oidc.idp.elogin.att.cx/
Frame ID: C49E7AF73ADAFDE5E14DDECA306C6A5F
Requests: 26 HTTP requests in this frame
4 Outgoing links
These are links going to different origins than the main page.
Title: Forgot Password?
Search URL Search Domain Scan URL
Title: Update Security Profile
Search URL Search Domain Scan URL
Title: Terms
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
26 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
www.oidc.idp.elogin.att.cx/ |
70 KB 71 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mainb571.css
www.oidc.idp.elogin.att.cx/resources/static/styles/ |
24 KB 24 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fontsb571.css
www.oidc.idp.elogin.att.cx/resources/static/styles/ |
718 B 959 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
catob571.css
www.oidc.idp.elogin.att.cx/resources/static/styles/ |
311 B 552 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
checkboxb571.css
www.oidc.idp.elogin.att.cx/resources/static/styles/ |
3 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-1.12.4.minb571.js
www.oidc.idp.elogin.att.cx/resources/js/ |
95 KB 95 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.blockUIb571.js
www.oidc.idp.elogin.att.cx/resources/js/ |
10 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mkb571.js
www.oidc.idp.elogin.att.cx/resources/js/ |
8 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
utilitiesb571.js
www.oidc.idp.elogin.att.cx/resources/js/ |
1 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
scriptb571.js
www.oidc.idp.elogin.att.cx/resources/static/scripts/ |
85 KB 86 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
backEndFunctionsb571.js
www.oidc.idp.elogin.att.cx/resources/static/scripts/ |
6 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ie7b571.js
www.oidc.idp.elogin.att.cx/resources/js/ |
5 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
other.js
www.oidc.idp.elogin.att.cx/resources/js/ |
0 252 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
att_logo_97x40.png
www.oidc.idp.elogin.att.cx/resources/images/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
GLO_Question_Icon.png
www.oidc.idp.elogin.att.cx/resources/images/ |
223 B 464 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mobileKeyImg.png
www.oidc.idp.elogin.att.cx/resources/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
rsaImg.png
www.oidc.idp.elogin.att.cx/resources/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
safeNetLogo.svg
www.oidc.idp.elogin.att.cx/resources/images/ |
398 KB 398 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mtipsLogo.png
www.oidc.idp.elogin.att.cx/resources/images/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
howto-for-mobile-devices.gif
www.oidc.idp.elogin.att.cx/resources/images/ |
95 KB 95 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
howto-for-desktop-devices.gif
www.oidc.idp.elogin.att.cx/resources/images/ |
93 KB 93 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
flat_faq-reverse_icon_rgb_blu_modified_18x18.png
www.oidc.idp.elogin.att.cx/resources/images/ |
1023 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ATTAleckSans_W_Md.woff
www.oidc.idp.elogin.att.cx/resources/static/fonts/WOFF/ |
23 KB 24 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ATTAleckSans_W_Rg.woff
www.oidc.idp.elogin.att.cx/resources/static/fonts/WOFF/ |
22 KB 23 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ATTAleckSans_W_Bd.woff
www.oidc.idp.elogin.att.cx/resources/static/fonts/WOFF/ |
23 KB 23 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
flat_check_icon_rgb_wht.png
www.oidc.idp.elogin.att.cx/resources/images/ |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: AT&T (Telecommunication)187 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation function| $ function| jQuery object| constants function| MobileKeyHandler function| ErrorMsgs object| scriptConstants function| HaloEBrowserInfo object| haloEBrowserInfo function| haloEAlert function| getEventTargetElement object| g_BlockUISettings boolean| g_MockMobile object| g_StateCookieHandler object| g_SessionCookieHandler boolean| g_enterPressed object| g_selectedQuestion function| handleEnterKey function| isPopulated function| trimElementValue function| trimFormUserId function| preventMultipleEnterKeys function| mobileLanguageChanged function| changeVerificationForm function| globalPasswordChangeForm function| mobileKeyChangeForm function| yubiKeyChangeForm function| yubiKey2ChangeForm function| bioKeyChangeForm function| windowsChangeForm function| changeForm function| genericChangeForm function| disableActiveForm function| doChangeForm function| setFocusOnActiveForm function| setMenuItem object| bdAuthorizationTypes function| toggleBusinessDirectSettings function| setMockMobile function| onMobile object| g_isMobileDevice function| isMobileDevice function| isDeskTop function| hardOrSoft function| toggleSelectDiv function| enableSubmit function| disableSubmit function| formInputHandler function| glopasswordInputHandler function| glopasswordVerificationButtonEnabler function| glopasswordVerificationButtonEnablerOnPaste function| mobileKeyInputHandler function| mobileKeyDeviceATTUIDInputHandler function| mobileKeyMFAButtonEnabler function| mobileKeyMFAButtonEnablerOnPaste function| securIDsoftwareTokenInputHandler function| securIDhardwareTokenInputHandler function| safenetButtonInputHandler function| safenetZkButtonInputHandler function| pickerPageUIDInputHandler function| yubiKey2InputHandler function| mtipsButtonInputHandler function| mtipsMFAButtonEnabler function| mtipsMFAButtonEnablerOnPaste function| safenetMFAButtonEnabler function| safenetMFAButtonEnablerOnPaste function| securIDMFAsoftwareTokenButtonEnabler function| securIDMFAsoftwareTokenOnPaste function| securIDMFAhardwareTokenButtonEnabler function| securIDMFAhardwareTokenButtonEnablerOnPaste function| mobileCancelFrontEnd function| mobileTimeOutFrontEnd function| mobileDeniedFrontEnd function| mobileErrorFrontEnd function| sendPushFrontEnd function| hideDropdown function| showDropdown function| getUserIdErrorMsg function| doPasswordOnClick function| doMobileKeyOnClick function| doSecuridSoftTokenOnClick function| doSecuridHardTokenOnClick function| doSafenetOnClick function| doMtipsOnClick function| verifyMKUserOnClick function| setStrReqLnkCookieForWinAuth function| doWindowsOnClick function| setPageUsedCookie function| setCSPEnvURL function| setStateCookie function| setPageReqCookie function| getWinAuthAlways function| getHardTokenPin function| getSoftOrHardToken function| getUserId function| chkRememberMe function| doYubiKeyOnClick function| doBioKeyOnClick function| doYubiKey2OnClick function| doSecondaryAuthFormOnClick function| setCookie function| deleteCookie function| deleteCookieWithDomain function| enableRememeberMe function| getCookie function| translateToSpanish function| translateToEnglish function| removeError_script function| setBackgroundToDevRed function| changeUserId function| isSliderEnabled function| isSelectBoxVisible function| toggleCheckBoxClass function| toggleRememberMe function| toggleBDUserId function| updateRememberMe function| setRememberMe function| toggleMobileKeyPasscode function| StateCookieHandler function| SessionCookieHandler function| BusinessDirectHandler object| g_BusinessDirectHandler function| switchTokenStepEnabled function| setBDUserId function| sendBDUserId function| getTargetAuthPolicyOrWebsealUrl function| showYubiOTP function| getNextTabIndexElement function| initTabbing function| gloAutoFillChecker function| displayAuthNotificationMessage function| getZenKeyLearnLink function| goToZenKey function| getEncodedWarnerMediaUrlParams function| getEncodedCricketADUserUrl function| setUserIdReadOnly function| initStepUpConfiguration function| initZKLinkConfiguration function| goToZkUnderConst function| goBacktoGLO function| showPickerPage function| pickerPageDoMobileKey function| rsaPopup function| disableApp function| checkAuthnLevel function| isSecurIdAuthType3 object| globals function| hasClass function| addClass function| removeClass function| displayError function| displayInfo function| loginError function| pushDeniedError function| passwordExpirationInfo function| removeError function| enableBusinessDirect function| displayCricketLogo function| displayATTLogo function| mobileCancel function| mobileTimeOut function| mobileDenied function| mobileResend function| setSuccessName function| enableDevStyling function| updateInnerHTML function| displayBanner function| displayPresetBannerMessage function| displayInfoSection function| displayInfoSectionMessage function| changeMobileKeySubmitValue function| getUserIdText function| changeLanguage function| switchLanguage function| setLanguageDisplayText object| g_validLanguages function| initLanguage function| setLink function| displayMFA function| IeVersion object| IE1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.oidc.idp.elogin.att.cx/ | Name: PHPSESSID Value: 76edf98c5441d4ab04f25423ecf7b411 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
www.oidc.idp.elogin.att.cx
143.244.172.31
016ae794a58b697ba55582d633bbef5a5980dd30a36f0a68d711477d93fdd335
07b3a3d0f02092988f8b70fa51992fa109b23bbc82638fc857dee5ee0e3ad5dc
1a75e86dfdc36321ba7806ffa93df30a4054fa62ea0bc0c1c5d4730e61deb9f8
1e72341a06438f1ae82a3e9204b5f788179e0d7da87738c6fe8f4894dad63f65
287e57ae4b394a4912f51899e4537fb4a9c3a9f307ad0e1f539f8aeb46bdb042
415e6f6b3f6c755c2dd679c9fb5ae9560b135eff11926aba3a0ff38e66ca8571
43d09eda46c8844e9674fe19c3efde71e12a8142491024e3d91976418e78f1c7
44f2d8ede3c0a0af465e298c70249dc11e197ab27f989a8533b711390cd4b3e5
475a4ede100078498409b1977b376dd8fab3c698d8153e34efa577ce36964445
4a6500fffb1823beca8bd2c203014d05111e97a82dbbb8516a642abb03bf7bf2
50fd4389b7d1b099131c94ec50bdc57448d81f12d67a4bddf99fce631c88f331
599fa0e17930d9753f37679f16a2bca801075ad28eb31adaea87f34cb82f0bd9
5f43c44a03507663f45f0275597874d6ed132cf38a09775d997ba3669f64edb4
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
79581aa279a6149075cfbc81498d3cbf1a2f97d42e18f99ac31f0df146c51352
797a15feeda1e7b357f44901a9928fb2966da4e03fb5b096086e6804e4019c57
7b985daa02206028d2a1eb770e1a795c97533af92e2ea4405382e14c1130be48
954064ac013f3367dbb39e30a3f3863cbb183cfdbdfe539dd5a1e8e7dfe4e13f
adcfe7d308651f937a03cf9b9bdd684074a95be39186aa8cd229b57485f929b8
af15a53c5aa232d5e484741b3ee4cb79a9389722511b68d8a6ed32d8187ff6e7
b49473946e0f559b9aacced166135ed5197eff465359dc8c16b3d275902d3c1f
d0c4812c9f1b672a7ea3420b10ea389cabb4b50694418965003250c876a2b13b
d5e35536c6b480726e7fb92d81ff764c57d2dea101be767c8e18c279ac556c50
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f13ffc0adc7e47990e67bcfb8f355a65c29361b12f0f20d5067ac880393685bc
f5787dfa3987bf38f75eb6488c3fef143c46bdefdb3e3f8c364d2a399c29f4dc