www.tslagpt.net
185.149.120.145  Malicious Activity! Public Scan

URL: https://www.tslagpt.net/
Submission Tags: https://phish.report @phish_report
Submission: On March 31 via api from FI — Scanned from FI

Summary

This website contacted 8 IPs in 3 countries across 6 domains to perform 23 HTTP transactions. The main IP is 185.149.120.145, located in Russian Federation and belongs to DDOS-GUARD, RU. The main domain is www.tslagpt.net.
TLS certificate: Issued by R3 on March 31st 2023. Valid for: 3 months.
This is the only time www.tslagpt.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Crypto (Crypto Exchange)

Domain & IP information

Apex Domain
Subdomains
Transfer
13 tslagpt.net
www.tslagpt.net
238 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
chart.googleapis.com — Cisco Umbrella Rank: 25140
3 KB
2 matomo.cloud
cdn.matomo.cloud — Cisco Umbrella Rank: 21088
tslagpt.matomo.cloud
39 KB
1 gstatic.com
fonts.gstatic.com
27 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 220
28 KB
0 tesla-qr.com Failed
tesla-qr.com Failed
23 6
Domain Requested by
13 www.tslagpt.net www.tslagpt.net
2 chart.googleapis.com www.tslagpt.net
1 tslagpt.matomo.cloud cdn.matomo.cloud
1 fonts.gstatic.com fonts.googleapis.com
1 cdn.matomo.cloud www.tslagpt.net
1 cdnjs.cloudflare.com www.tslagpt.net
1 fonts.googleapis.com www.tslagpt.net
0 tesla-qr.com Failed www.tslagpt.net
23 8

This site contains no links.

Subject | Issuer | Validity | Valid
tslagpt.net | R3 | 2023-03-31 - 2023-06-29 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-03-13 - 2023-06-05 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-08-03 - 2023-08-02 | a year
cdn.matomo.cloud | Amazon RSA 2048 M01 | 2023-02-24 - 2023-12-25 | 10 months
*.gstatic.com | GTS CA 1C3 | 2023-03-13 - 2023-06-05 | 3 months
*.matomo.cloud | Amazon RSA 2048 M01 | 2023-02-10 - 2023-08-19 | 6 months

This page contains 1 frames:

Primary Page: https://www.tslagpt.net/
Frame ID: 8CF92F9757BCAE4878EFADB54EAF64A5
Requests: 23 HTTP requests in this frame

Page Title

Tesla $TSLA - Special Event by Elon Musk

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 23
HTTPS: 87 %
IPv6: 71 %
Domains: 6
Subdomains: 8
IPs: 8
Countries: 3
Transfer: 336 kB
Size: 521 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.tslagpt.net/
19 KB
5 KB
Document
General
Full URL
https://www.tslagpt.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.149.120.145 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
0d5aef4fc215ecf50fceade77729b9abb4ad01898ab7d76d1b6cc7269b5c1abb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
5202
content-security-policy
upgrade-insecure-requests;
content-type
text/html
date
Fri, 31 Mar 2023 16:36:27 GMT
etag
"4be9-5f83101b103cc-gzip"
last-modified
Fri, 31 Mar 2023 12:04:09 GMT
server
ddos-guard
vary
Accept-Encoding
css2
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Mulish:wght@400;500;600;700;800&display=swap
Requested by
Host: www.tslagpt.net
URL: https://www.tslagpt.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cc1e00285a337a57b588f6b82ad5b9142853003eb0d734097e360f9d80f0ae0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.tslagpt.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 31 Mar 2023 16:36:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 31 Mar 2023 16:36:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 31 Mar 2023 16:36:27 GMT
style.css
www.tslagpt.net/assets/
11 KB
2 KB
Stylesheet
General
Full URL
https://www.tslagpt.net/assets/style.css
Requested by
Host: www.tslagpt.net
URL: https://www.tslagpt.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.149.120.145 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
8dab5e5e25687cb99e2944b9ed60f82d2714d0c1bc27ec16fba18db53b7ce3eb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.tslagpt.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Fri, 31 Mar 2023 16:36:27 GMT
content-encoding
br
last-modified
Fri, 31 Mar 2023 12:04:10 GMT
server
ddos-guard
age
0
etag
W/"2d20-5f83101c8837f-gzip"
vary
Accept-Encoding
content-type
text/css
ddg-cache-status
MISS,MISS
accept-ranges
bytes
content-length
2419
logo_white.png
www.tslagpt.net/assets/
3 KB
3 KB
Image
General
Full URL
https://www.tslagpt.net/assets/logo_white.png
Requested by
Host: www.tslagpt.net
URL: https://www.tslagpt.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.149.120.145 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
d13c37055b93d7a937a5f318a9f9ed159e30fbf74e4551834725ad9be81bd42f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.tslagpt.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Fri, 31 Mar 2023 16:36:27 GMT
last-modified
Fri, 31 Mar 2023 12:04:11 GMT
server
ddos-guard
age
0
etag
"d02-5f83101dde050"
content-type
image/png
ddg-cache-status
MISS,MISS
accept-ranges
bytes
content-length
3330
bage.png
www.tslagpt.net/assets/
530 B
607 B
Image
General
Full URL
https://www.tslagpt.net/assets/bage.png
Requested by
Host: www.tslagpt.net
URL: https://www.tslagpt.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.149.120.145 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
a233d2bc58a237d1fe8b75f149dab65cb77e1a8da057fb9ee6f1c1ee907a0816
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.tslagpt.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Fri, 31 Mar 2023 16:36:27 GMT
last-modified
Fri, 31 Mar 2023 12:04:11 GMT
server
ddos-guard
age
0
etag
"212-5f83101d16cc6"
content-type
image/png
ddg-cache-status
MISS,MISS
accept-ranges
bytes
content-length
530
qr.png
www.tslagpt.net/assets/
765 B
819 B
Image
General
Full URL
https://www.tslagpt.net/assets/qr.png
Requested by
Host: www.tslagpt.net
URL: https://www.tslagpt.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.149.120.145 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
677dc0e9961a1f56754b6106e0c001bda0f48a433486fff9a263da2613a18db8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.tslagpt.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Fri, 31 Mar 2023 16:36:27 GMT
last-modified
Fri, 31 Mar 2023 12:04:10 GMT
server
ddos-guard
age
0
etag
"2fd-5f83101c4e99c"
content-type
image/png
ddg-cache-status
MISS,MISS
accept-ranges
bytes
content-length
765
creator.png
www.tslagpt.net/assets/
193 KB
193 KB
Image
General
Full URL
https://www.tslagpt.net/assets/creator.png
Requested by
Host: www.tslagpt.net
URL: https://www.tslagpt.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.149.120.145 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
f5ee55d20e79cddc33cad6baba86d4ea622fef7a6de3d1ef10ad98cf830cb670
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.tslagpt.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Fri, 31 Mar 2023 16:36:28 GMT
last-modified
Fri, 31 Mar 2023 12:04:11 GMT
server
ddos-guard
age
1
etag
"304ad-5f83101d871ab"
content-type
image/png
ddg-cache-status
MISS,MISS
accept-ranges
bytes
content-length
197805
wallet.png
www.tslagpt.net/assets/
1 KB
1 KB
Image
General
Full URL
https://www.tslagpt.net/assets/wallet.png
Requested by
Host: www.tslagpt.net
URL: https://www.tslagpt.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.149.120.145 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
74b7839e25f179ee63f72db37ee32474495c71ee8639b262a6ae613d92e8260d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.tslagpt.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Fri, 31 Mar 2023 16:36:28 GMT
last-modified
Fri, 31 Mar 2023 12:04:09 GMT
server
ddos-guard
age
1
etag
"4a1-5f83101bea037"
content-type
image/png
ddg-cache-status
MISS,MISS
accept-ranges
bytes
content-length
1185
transfer.png
www.tslagpt.net/assets/
1 KB
1 KB
Image
General
Full URL
https://www.tslagpt.net/assets/transfer.png
Requested by
Host: www.tslagpt.net
URL: https://www.tslagpt.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.149.120.145 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
e68d6d2c2d73a47fbd6c6a9a264706d207f0d4a7d5c3e5606edd3a5702614066
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.tslagpt.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Fri, 31 Mar 2023 16:36:27 GMT
last-modified
Fri, 31 Mar 2023 12:04:09 GMT
server
ddos-guard
age
0
etag
"480-5f83101bbd175"
content-type
image/png
ddg-cache-status
MISS,MISS
accept-ranges
bytes
content-length
1152
checkmark.png
www.tslagpt.net/assets/
1 KB
1 KB
Image
General
Full URL
https://www.tslagpt.net/assets/checkmark.png
Requested by
Host: www.tslagpt.net
URL: https://www.tslagpt.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.149.120.145 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
498218687fa972306466ee84cfedb1cccd992e5a56f5129789ecd80bc41376a3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.tslagpt.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Fri, 31 Mar 2023 16:36:27 GMT
last-modified
Fri, 31 Mar 2023 12:04:10 GMT
server
ddos-guard
age
0
etag
"4bf-5f83101c22a7a"
content-type
image/png
ddg-cache-status
MISS,MISS
accept-ranges
bytes
content-length
1215
bonus.png
www.tslagpt.net/assets/
907 B
984 B
Image
General
Full URL
https://www.tslagpt.net/assets/bonus.png
Requested by
Host: www.tslagpt.net
URL: https://www.tslagpt.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.149.120.145 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
bbdd58506fcbaa4eeb41dc24e1393415cec59dd2199cc9cd8e28eb030dff76cc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.tslagpt.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Fri, 31 Mar 2023 16:36:29 GMT
last-modified
Fri, 31 Mar 2023 12:04:11 GMT
server
ddos-guard
age
2
etag
"38b-5f83101d7c5cb"
content-type
image/png
ddg-cache-status
MISS,MISS
accept-ranges
bytes
content-length
907
popper.png
www.tslagpt.net/assets/
25 KB
25 KB
Image
General
Full URL
https://www.tslagpt.net/assets/popper.png
Requested by
Host: www.tslagpt.net
URL: https://www.tslagpt.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.149.120.145 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
7de5ea62067ff095bb447c068dd04ba536e7939675ff3dee11251b303c0f99b4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.tslagpt.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Fri, 31 Mar 2023 16:36:29 GMT
last-modified
Fri, 31 Mar 2023 12:04:09 GMT
server
ddos-guard
age
2
etag
"6385-5f83101b87612"
content-type
image/png
ddg-cache-status
MISS,MISS
accept-ranges
bytes
content-length
25477
chart
chart.googleapis.com/
896 B
1 KB
Image
General
Full URL
https://chart.googleapis.com/chart?chs=140x140&cht=qr&chl=1MNyPLJ1FYrzH1UKiwcgS4R62CgbRGhp6A&chld=L|1&choe=UTF-8
Requested by
Host: www.tslagpt.net
URL: https://www.tslagpt.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GoogleChartAPI/1.0 /
Resource Hash
1d27b488c4e568a67c19fa54c773008da37cbc9bebb4b085f51a2dda14f5d7ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.tslagpt.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 15:17:05 GMT
x-content-type-options
nosniff
last-modified
Wed, 02 May 2018 18:35:04 GMT
server
GoogleChartAPI/1.0
age
4762
x-frame-options
ALLOWALL
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
896
x-xss-protection
1; mode=block
expires
Sat, 01 Apr 2023 15:17:05 GMT
chart
chart.googleapis.com/
876 B
963 B
Image
General
Full URL
https://chart.googleapis.com/chart?chs=140x140&cht=qr&chl=0x961EB4F27d4Ad441F1256367E53f30Df7f094409&chld=L|1&choe=UTF-8
Requested by
Host: www.tslagpt.net
URL: https://www.tslagpt.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GoogleChartAPI/1.0 /
Resource Hash
e7fe6e093e3472039bd2c87346bb41e43ca3d994d541ad0927f48ea10cf8c487
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.tslagpt.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 15:17:06 GMT
x-content-type-options
nosniff
last-modified
Wed, 02 May 2018 18:35:04 GMT
server
GoogleChartAPI/1.0
age
4761
x-frame-options
ALLOWALL
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
876
x-xss-protection
1; mode=block
expires
Sat, 01 Apr 2023 15:17:06 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/
87 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: www.tslagpt.net
URL: https://www.tslagpt.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.tslagpt.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 16:36:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6098818
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27938
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"603e8adc-15d9d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MguDz22C0JlRMSzlGykmbCiLyQn8%2F7TX0Ry4ot9y7Tw6GiixfvJQBwiogDrNDh3auKx2bZDP9OzD6VIziVONOCeql2MkjOT5ADjvOqKpXzTsCRh276iMCTjLSlYPy2edN4p52Mrad5EC97o%2ByvAk38Em"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7b0a02e6ea67d926-HEL
expires
Wed, 20 Mar 2024 16:36:27 GMT
script.js
www.tslagpt.net/assets/
6 KB
2 KB
Script
General
Full URL
https://www.tslagpt.net/assets/script.js?v=10
Requested by
Host: www.tslagpt.net
URL: https://www.tslagpt.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.149.120.145 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
cfa98b04121d791d3dad15945130d6b138e527036d1e5f90c8a057ca429edc22
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.tslagpt.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Fri, 31 Mar 2023 16:36:27 GMT
content-encoding
br
last-modified
Fri, 31 Mar 2023 12:04:12 GMT
server
ddos-guard
age
0
etag
W/"1878-5f83101de8c30-gzip"
vary
Accept-Encoding
content-type
application/javascript
ddg-cache-status
MISS,MISS
accept-ranges
bytes
content-length
1686
matomo.js
cdn.matomo.cloud/tslagpt.matomo.cloud/
132 KB
39 KB
Script
General
Full URL
https://cdn.matomo.cloud/tslagpt.matomo.cloud/matomo.js
Requested by
Host: www.tslagpt.net
URL: https://www.tslagpt.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:f000:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1d525781834944d0c42d206d6e31f05b73a947821da73108bdf3a3d53e4c402

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.tslagpt.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 15:17:06 GMT
x-amz-version-id
ao9Nr8HVLvscpZdkzWUA6fmPpoobg7AO
content-encoding
gzip
via
1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
4762
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 31 Mar 2023 12:01:47 GMT
server
AmazonS3
etag
W/"df630c016b0a1d6d650d8d6a411f9d56"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=691200
x-amz-cf-id
rGH2IxVfoHrmZIX_KH1JAhoR5w6R0vnV6lbYxmLEQQBaH4UYLgEePA==
background.png
tesla-qr.com/img/
0
0

background2.png
tesla-qr.com/img/
0
0

btc_icon.svg
tesla-qr.com/img/
0
0

1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/
27 KB
27 KB
Font
General
Full URL
https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Mulish:wght@400;500;600;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.tslagpt.net
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 09:34:58 GMT
x-content-type-options
nosniff
age
25289
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27428
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Mar 2024 09:34:58 GMT
check.svg
www.tslagpt.net/assets/
2 KB
843 B
Image
General
Full URL
https://www.tslagpt.net/assets/check.svg
Requested by
Host: www.tslagpt.net
URL: https://www.tslagpt.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.149.120.145 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
9cd490c5efc4c1f3c6333d55194d664eac2c369f969a681e493008357b1d4c8e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.tslagpt.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Fri, 31 Mar 2023 16:36:29 GMT
content-encoding
br
last-modified
Fri, 31 Mar 2023 12:04:10 GMT
server
ddos-guard
age
2
etag
"663-5f83101ceada4"
vary
Accept-Encoding
content-type
image/svg+xml
ddg-cache-status
MISS,MISS
accept-ranges
bytes
content-length
775
matomo.php
tslagpt.matomo.cloud/
0
169 B
Ping
General
Full URL
https://tslagpt.matomo.cloud/matomo.php?action_name=Tesla%20%24TSLA%20-%20Special%20Event%20by%20Elon%20Musk&idsite=1&rec=1&r=005561&h=16&m=36&s=27&url=https%3A%2F%2Fwww.tslagpt.net%2F&_id=db698efff402256e&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=ykW0kD&pf_net=271&pf_srv=235&pf_tfr=5&pf_dm1=322&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/tslagpt.matomo.cloud/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.195.235.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-235-189.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tslagpt.net/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin
https://www.tslagpt.net
date
Fri, 31 Mar 2023 16:36:27 GMT
access-control-allow-credentials
true
server
Apache
vary
X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tesla-qr.com
URL
https://tesla-qr.com/img/background.png
Domain
tesla-qr.com
URL
https://tesla-qr.com/img/background2.png
Domain
tesla-qr.com
URL
https://tesla-qr.com/img/btc_icon.svg

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • boolean| credentialless
  • object| _paq
  • function| $
  • function| jQuery
  • object| cdata
  • function| lerp
  • function| round
  • function| copy
  • function| kill_ctrl_key_combo
  • function| disable_selection
  • function| double_mouse
  • object| Piwik
  • object| Matomo
  • object| AnalyticsTracker
  • function| piwik_log

3 Cookies

Domain/Path Name / Value
.tslagpt.net/ Name: __ddg1_
Value: sNxv0wf5ChgFIzRSEjia
www.tslagpt.net/ Name: _pk_id.1.4978
Value: db698efff402256e.1680280588.
www.tslagpt.net/ Name: _pk_ses.1.4978
Value: 1

3 Console Messages

Source Level URL
Text
network error URL: https://tesla-qr.com/img/background.png
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://tesla-qr.com/img/background2.png
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://tesla-qr.com/img/btc_icon.svg
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
