![](/screenshots/21898373-e858-453d-9739-7f9a8926400a.png)
www.tslagpt.net
Open in
urlscan Pro
185.149.120.145
Malicious Activity!
Public Scan
Submission Tags: https://phish.report @phish_report Search All
Submission: On March 31 via api from FI — Scanned from FI
Summary
TLS certificate: Issued by R3 on March 31st 2023. Valid for: 3 months.
This is the only time www.tslagpt.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Crypto (Crypto Exchange)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
13 | 185.149.120.145 185.149.120.145 | 57724 (DDOS-GUARD) (DDOS-GUARD) | |
1 | 2a00:1450:400... 2a00:1450:4001:802::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:82a::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2606:4700::68... 2606:4700::6811:190e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2600:9000:215... 2600:9000:2156:f000:c:7d55:b3c0:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a00:1450:400... 2a00:1450:4001:82f::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 18.195.235.189 18.195.235.189 | 16509 (AMAZON-02) (AMAZON-02) | |
23 | 8 |
ASN57724 (DDOS-GUARD, RU)
PTR: ddos-guard.net
www.tslagpt.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-235-189.eu-central-1.compute.amazonaws.com
tslagpt.matomo.cloud |
Apex Domain Subdomains |
Transfer | |
---|---|---|
13 |
tslagpt.net
www.tslagpt.net |
238 KB |
3 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47 chart.googleapis.com — Cisco Umbrella Rank: 25140 |
3 KB |
2 |
matomo.cloud
cdn.matomo.cloud — Cisco Umbrella Rank: 21088 tslagpt.matomo.cloud |
39 KB |
1 |
gstatic.com
fonts.gstatic.com |
27 KB |
1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 220 |
28 KB |
0 |
tesla-qr.com
Failed
tesla-qr.com Failed |
|
23 | 6 |
Domain | Requested by | |
---|---|---|
13 | www.tslagpt.net |
www.tslagpt.net
|
2 | chart.googleapis.com |
www.tslagpt.net
|
1 | tslagpt.matomo.cloud |
cdn.matomo.cloud
|
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | cdn.matomo.cloud |
www.tslagpt.net
|
1 | cdnjs.cloudflare.com |
www.tslagpt.net
|
1 | fonts.googleapis.com |
www.tslagpt.net
|
0 | tesla-qr.com Failed |
www.tslagpt.net
|
23 | 8 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
tslagpt.net R3 |
2023-03-31 - 2023-06-29 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-03-13 - 2023-06-05 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-08-03 - 2023-08-02 |
a year | crt.sh |
cdn.matomo.cloud Amazon RSA 2048 M01 |
2023-02-24 - 2023-12-25 |
10 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-03-13 - 2023-06-05 |
3 months | crt.sh |
*.matomo.cloud Amazon RSA 2048 M01 |
2023-02-10 - 2023-08-19 |
6 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.tslagpt.net/
Frame ID: 8CF92F9757BCAE4878EFADB54EAF64A5
Requests: 23 HTTP requests in this frame
Screenshot
![](/screenshots/21898373-e858-453d-9739-7f9a8926400a.png)
Page Title
Tesla $TSLA - Special Event by Elon MuskDetected technologies
![](/vendor/wappa/icons/Google Font API.png)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
23 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.tslagpt.net/ |
19 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
8 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
www.tslagpt.net/assets/ |
11 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo_white.png
www.tslagpt.net/assets/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bage.png
www.tslagpt.net/assets/ |
530 B 607 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qr.png
www.tslagpt.net/assets/ |
765 B 819 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
creator.png
www.tslagpt.net/assets/ |
193 KB 193 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wallet.png
www.tslagpt.net/assets/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
transfer.png
www.tslagpt.net/assets/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
checkmark.png
www.tslagpt.net/assets/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bonus.png
www.tslagpt.net/assets/ |
907 B 984 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
popper.png
www.tslagpt.net/assets/ |
25 KB 25 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chart
chart.googleapis.com/ |
896 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chart
chart.googleapis.com/ |
876 B 963 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ |
87 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.js
www.tslagpt.net/assets/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
matomo.js
cdn.matomo.cloud/tslagpt.matomo.cloud/ |
132 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
background.png
tesla-qr.com/img/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
background2.png
tesla-qr.com/img/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
btc_icon.svg
tesla-qr.com/img/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ |
27 KB 27 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
check.svg
www.tslagpt.net/assets/ |
2 KB 843 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
matomo.php
tslagpt.matomo.cloud/ |
0 169 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- tesla-qr.com
- URL
- https://tesla-qr.com/img/background.png
- Domain
- tesla-qr.com
- URL
- https://tesla-qr.com/img/background2.png
- Domain
- tesla-qr.com
- URL
- https://tesla-qr.com/img/btc_icon.svg
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Crypto (Crypto Exchange)15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| _paq function| $ function| jQuery object| cdata function| lerp function| round function| copy function| kill_ctrl_key_combo function| disable_selection function| double_mouse object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.tslagpt.net/ | Name: __ddg1_ Value: sNxv0wf5ChgFIzRSEjia |
|
www.tslagpt.net/ | Name: _pk_id.1.4978 Value: db698efff402256e.1680280588. |
|
www.tslagpt.net/ | Name: _pk_ses.1.4978 Value: 1 |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests; |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.matomo.cloud
cdnjs.cloudflare.com
chart.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
tesla-qr.com
tslagpt.matomo.cloud
www.tslagpt.net
tesla-qr.com
18.195.235.189
185.149.120.145
2600:9000:2156:f000:c:7d55:b3c0:93a1
2606:4700::6811:190e
2a00:1450:4001:802::200a
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2003
0d5aef4fc215ecf50fceade77729b9abb4ad01898ab7d76d1b6cc7269b5c1abb
1d27b488c4e568a67c19fa54c773008da37cbc9bebb4b085f51a2dda14f5d7ec
498218687fa972306466ee84cfedb1cccd992e5a56f5129789ecd80bc41376a3
677dc0e9961a1f56754b6106e0c001bda0f48a433486fff9a263da2613a18db8
74b7839e25f179ee63f72db37ee32474495c71ee8639b262a6ae613d92e8260d
7de5ea62067ff095bb447c068dd04ba536e7939675ff3dee11251b303c0f99b4
8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e
8dab5e5e25687cb99e2944b9ed60f82d2714d0c1bc27ec16fba18db53b7ce3eb
9cd490c5efc4c1f3c6333d55194d664eac2c369f969a681e493008357b1d4c8e
a233d2bc58a237d1fe8b75f149dab65cb77e1a8da057fb9ee6f1c1ee907a0816
bbdd58506fcbaa4eeb41dc24e1393415cec59dd2199cc9cd8e28eb030dff76cc
c1d525781834944d0c42d206d6e31f05b73a947821da73108bdf3a3d53e4c402
cc1e00285a337a57b588f6b82ad5b9142853003eb0d734097e360f9d80f0ae0b
cfa98b04121d791d3dad15945130d6b138e527036d1e5f90c8a057ca429edc22
d13c37055b93d7a937a5f318a9f9ed159e30fbf74e4551834725ad9be81bd42f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e68d6d2c2d73a47fbd6c6a9a264706d207f0d4a7d5c3e5606edd3a5702614066
e7fe6e093e3472039bd2c87346bb41e43ca3d994d541ad0927f48ea10cf8c487
f5ee55d20e79cddc33cad6baba86d4ea622fef7a6de3d1ef10ad98cf830cb670
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e