144.161.204.26
Open in
urlscan Pro
144.161.204.26
Malicious Activity!
Public Scan
Effective URL: https://144.161.204.26/
Submission: On August 29 via manual from IQ — Scanned from DE
Summary
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on April 1st 2024. Valid for: a year.
This is the only time 144.161.204.26 was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: AT&T (Telecommunication)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 | 144.161.204.26 144.161.204.26 | 797 (AMERITECH-AS) (AMERITECH-AS) | |
3 | 1 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
3 | 0 |
Domain | Requested by | |
---|---|---|
3 | 0 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.att.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.stage.att.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-04-01 - 2025-05-02 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://144.161.204.26/
Frame ID: 2F798E958DBD3EA286F0ABDE0A1749B1
Requests: 3 HTTP requests in this frame
Screenshot
Page Title
AT&T Global LogonPage URL History Show full URLs
-
http://144.161.204.26/
HTTP 307
https://144.161.204.26/ Page URL
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Terms and Conditions
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://144.161.204.26/
HTTP 307
https://144.161.204.26/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
3 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
144.161.204.26/ Redirect Chain
|
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
attglobe.gif
144.161.204.26/images/ |
2 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon.ico
144.161.204.26/ |
1 KB 1 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: AT&T (Telecommunication)0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
144.161.204.26
42938b72e2ec54515eb9c49145f42b8728cfc0b70170f80aef58ce93032b1c1d
a0d0fabd3b864e45c7b5a860d0333c84df120ae6f75b293f0a1728ff45117597
c21719908f8225e63b6dfea82f136db996dbd9f68af33a6d1fb449db6de40407