tesla.sparkstation.net Open in urlscan Pro
180.210.207.119 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tesla.sparkstation.net/~magicamulets/slw.php
Effective URL:
http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/WebObjects/detail...
Submission: On January 10 via automatic, source openphish (January 10th 2018, 9:07:57 pm UTC)

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 11 HTTP transactions. The main IP is 180.210.207.119, located in Singapore, Singapore and belongs to SPARKSTATION-SG-AP 10 Science Park Road, SG. The main domain is tesla.sparkstation.net.

This is the only time tesla.sparkstation.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: iTunes Connect (Online)

Domain & IP information

	IP Address		AS Autonomous System
7 18	180.210.207.119 180.210.207.119		45634 (SPARKSTAT...) (SPARKSTATION-SG-AP 10 Science Park Road)
11	1

18 180.210.207.119 (Singapore, Singapore) 7 redirects

ASN45634 (SPARKSTATION-SG-AP 10 Science Park Road, SG)
PTR: tesla.sparkstation.net

tesla.sparkstation.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	sparkstation.net 7 redirects tesla.sparkstation.net	3 KB
11	1

	Domain	Requested by
18	tesla.sparkstation.net	7 redirects tesla.sparkstation.net
11	1

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/WebObjects/details.html
Frame ID: (5E23612813F77B2E46246B8029A2D240)
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://tesla.sparkstation.net/~magicamulets/slw.php HTTP 302
http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58?louii HTTP 301
http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/?louii HTTP 302
http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16 HTTP 301
http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/ HTTP 302
http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b... HTTP 301
http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b... HTTP 302
http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

11
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

0 kB
Transfer

351 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tesla.sparkstation.net/~magicamulets/slw.php HTTP 302
http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58?louii HTTP 301
http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/?louii HTTP 302
http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16 HTTP 301
http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/ HTTP 302
http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/WebObjects HTTP 301
http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/WebObjects/ HTTP 302
http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/WebObjects/details.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request details.html Show response
tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/WebObjects/
Redirect Chain

http://tesla.sparkstation.net/~magicamulets/slw.php
http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58?louii
http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/?louii
http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16
http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/
http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/WebObjects
http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/WebObjects/
http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/WebObjects/details.html

60 KB
0

247ms
247ms

Document
text/html

180.210.207.119
SPARKSTATION-SG-A...

General

Check archive.org

Show headers Download Go to

Full URL

http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/WebObjects/details.html

Protocol

HTTP/1.1

Server

180.210.207.119 Singapore, Singapore, ASN45634 (SPARKSTATION-SG-AP 10 Science Park Road, SG),

Reverse DNS

tesla.sparkstation.net

Software

nginx /

Resource Hash

2ba5b35775d5be7e8d0c34d1d69e97e93a520e0cd97e7e71fdbbf8e7116f1e15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Connection: keep-alive
Accept-Encoding: gzip, deflate
Host: tesla.sparkstation.net
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Wed, 10 Jan 2018 21:07:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Jan 2018 21:07:42 GMT
Server: nginx
Vary: Accept-Encoding
X-Nginx-Cache-Status: MISS
Transfer-Encoding: chunked
X-Server-Powered-By: Engintron
Connection: keep-alive
Content-Type: text/html
X-XSS-Protection: 1; mode=block

Redirect headers

Date: Wed, 10 Jan 2018 21:07:44 GMT
X-Content-Type-Options: nosniff
Server: nginx
Transfer-Encoding: chunked
X-Nginx-Cache-Status: MISS
location: details.html
X-Server-Powered-By: Engintron
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK style.css
tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/css/ 4 KB
0 246ms
246ms Stylesheet
text/css 180.210.207.119
SPARKSTATION-SG-A...

General

Check archive.org

Show headers Download Go to

Full URL

http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/css/style.css

Requested by

Host: tesla.sparkstation.net
URL: http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/WebObjects/details.html

Protocol

HTTP/1.1

Server

180.210.207.119 Singapore, Singapore, ASN45634 (SPARKSTATION-SG-AP 10 Science Park Road, SG),

Reverse DNS

tesla.sparkstation.net

Software

nginx /

Resource Hash

a45c0c4996475801790852b73f2d0e1c5d822c951a808a24864eb4d8292994be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: tesla.sparkstation.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/WebObjects/details.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/WebObjects/details.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: public
Date: Wed, 10 Jan 2018 21:07:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Jan 2018 21:07:42 GMT
Server: nginx
Vary: Accept-Encoding
X-Nginx-Cache-Status: MISS
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
X-Server-Powered-By: Engintron
Connection: keep-alive
Content-Type: text/css
X-XSS-Protection: 1; mode=block
Expires: Fri, 09 Feb 2018 21:07:44 GMT

GET
H/1.1 200
OK validationEngine.jquery.css
tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/css/ 3 KB
0 254ms
253ms Stylesheet
text/css 180.210.207.119
SPARKSTATION-SG-A...

General

Check archive.org

Show headers Download Go to

Full URL

http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/css/validationEngine.jquery.css

Requested by

Host: tesla.sparkstation.net
URL: http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/WebObjects/details.html

Protocol

HTTP/1.1

Server

180.210.207.119 Singapore, Singapore, ASN45634 (SPARKSTATION-SG-AP 10 Science Park Road, SG),

Reverse DNS

tesla.sparkstation.net

Software

nginx /

Resource Hash

cd363d0f8425d6b271c14ee5d6a8d693c3aa1323b64979b69c69d26661927303

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: tesla.sparkstation.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/WebObjects/details.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/WebObjects/details.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: public
Date: Wed, 10 Jan 2018 21:07:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Jan 2018 21:07:42 GMT
Server: nginx
Vary: Accept-Encoding
X-Nginx-Cache-Status: MISS
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
X-Server-Powered-By: Engintron
Connection: keep-alive
Content-Type: text/css
X-XSS-Protection: 1; mode=block
Expires: Fri, 09 Feb 2018 21:07:44 GMT

GET
H/1.1 200
OK jquery-1.8.2.min.js Show response
tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/js/ 91 KB
0 497ms
251ms Script
application/javascript 180.210.207.119
SPARKSTATION-SG-A...

General

Check archive.org

Show headers Download Go to

Full URL

http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/js/jquery-1.8.2.min.js

Requested by

Host: tesla.sparkstation.net
URL: http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/WebObjects/details.html

Protocol

HTTP/1.1

Server

180.210.207.119 Singapore, Singapore, ASN45634 (SPARKSTATION-SG-AP 10 Science Park Road, SG),

Reverse DNS

tesla.sparkstation.net

Software

nginx /

Resource Hash

f23d4b309b72743aa8afe1f8c98a25b3ee31246fa572c66d9d8cb1982cae4fbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: tesla.sparkstation.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/WebObjects/details.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/WebObjects/details.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: public
Date: Wed, 10 Jan 2018 21:07:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Jan 2018 21:07:42 GMT
Server: nginx
Vary: Accept-Encoding
X-Nginx-Cache-Status: MISS
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
X-Server-Powered-By: Engintron
Connection: keep-alive
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Expires: Fri, 09 Feb 2018 21:07:45 GMT

GET
H/1.1 200
OK jquery.validationEngine-en.js Show response
tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/js/languages/ 8 KB
0 1133ms
880ms Script
application/javascript 180.210.207.119
SPARKSTATION-SG-A...

General

Check archive.org

Show headers Download Go to

Full URL

http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/js/languages/jquery.validationEngine-en.js

Requested by

Host: tesla.sparkstation.net
URL: http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/WebObjects/details.html

Protocol

HTTP/1.1

Server

180.210.207.119 Singapore, Singapore, ASN45634 (SPARKSTATION-SG-AP 10 Science Park Road, SG),

Reverse DNS

tesla.sparkstation.net

Software

nginx /

Resource Hash

0474cd0982c7574277a4c9f29382219b8ead2cf11c24d994c9898bae1f744e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: tesla.sparkstation.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/WebObjects/details.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/WebObjects/details.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: public
Date: Wed, 10 Jan 2018 21:07:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Jan 2018 21:07:42 GMT
Server: nginx
Vary: Accept-Encoding
X-Nginx-Cache-Status: MISS
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
X-Server-Powered-By: Engintron
Connection: keep-alive
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Expires: Fri, 09 Feb 2018 21:07:45 GMT

GET
H/1.1 200
OK jquery.validationEngine.js Show response
tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/js/ 71 KB
0 502ms
249ms Script
application/javascript 180.210.207.119
SPARKSTATION-SG-A...

General

Check archive.org

Show headers Download Go to

Full URL

http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/js/jquery.validationEngine.js

Requested by

Host: tesla.sparkstation.net
URL: http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/WebObjects/details.html

Protocol

HTTP/1.1

Server

180.210.207.119 Singapore, Singapore, ASN45634 (SPARKSTATION-SG-AP 10 Science Park Road, SG),

Reverse DNS

tesla.sparkstation.net

Software

nginx /

Resource Hash

253a38477cddd18bb331c30d0f6edb8bafec05c64976693bb9d25f6d206306cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: tesla.sparkstation.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/WebObjects/details.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/WebObjects/details.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: public
Date: Wed, 10 Jan 2018 21:07:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Jan 2018 21:07:42 GMT
Server: nginx
Vary: Accept-Encoding
X-Nginx-Cache-Status: MISS
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
X-Server-Powered-By: Engintron
Connection: keep-alive
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Expires: Fri, 09 Feb 2018 21:07:45 GMT

GET
H/1.1 200
OK sc.png
tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/img/ 4 KB
0 246ms
245ms Image
image/png 180.210.207.119
SPARKSTATION-SG-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/img/sc.png

Requested by

Host: tesla.sparkstation.net
URL: http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/WebObjects/details.html

Protocol

HTTP/1.1

Server

180.210.207.119 Singapore, Singapore, ASN45634 (SPARKSTATION-SG-AP 10 Science Park Road, SG),

Reverse DNS

tesla.sparkstation.net

Software

nginx /

Resource Hash

282e531dd067f4e6055c61f12a880aeb9483354b077ac774af215b0d9956ffcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: tesla.sparkstation.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/WebObjects/details.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/WebObjects/details.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: public
Date: Wed, 10 Jan 2018 21:07:45 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Jan 2018 21:07:42 GMT
Server: nginx
X-Nginx-Cache-Status: MISS
Cache-Control: max-age=5184000
X-Server-Powered-By: Engintron
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 3649
X-XSS-Protection: 1; mode=block
Expires: Sun, 11 Mar 2018 21:07:45 GMT

GET
H/1.1 200
OK crd.png
tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/img/ 9 KB
0 296ms
295ms Image
image/png 180.210.207.119
SPARKSTATION-SG-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/img/crd.png

Requested by

Host: tesla.sparkstation.net
URL: http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/WebObjects/details.html

Protocol

HTTP/1.1

Server

180.210.207.119 Singapore, Singapore, ASN45634 (SPARKSTATION-SG-AP 10 Science Park Road, SG),

Reverse DNS

tesla.sparkstation.net

Software

nginx /

Resource Hash

d841754163f6d3f7a257af53c78c476857b03f211f41f931204a840770a089bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: tesla.sparkstation.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/WebObjects/details.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/WebObjects/details.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: public
Date: Wed, 10 Jan 2018 21:07:45 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Jan 2018 21:07:42 GMT
Server: nginx
X-Nginx-Cache-Status: MISS
Cache-Control: max-age=5184000
X-Server-Powered-By: Engintron
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 9314
X-XSS-Protection: 1; mode=block
Expires: Sun, 11 Mar 2018 21:07:45 GMT

GET
H/1.1 200
OK cvv.gif
tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/img/ 509 B
0 251ms
251ms Image
image/gif 180.210.207.119
SPARKSTATION-SG-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/img/cvv.gif

Requested by

Host: tesla.sparkstation.net
URL: http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/WebObjects/details.html

Protocol

HTTP/1.1

Server

180.210.207.119 Singapore, Singapore, ASN45634 (SPARKSTATION-SG-AP 10 Science Park Road, SG),

Reverse DNS

tesla.sparkstation.net

Software

nginx /

Resource Hash

275b7a867831a923bb2ab17160004afef43973ac2192b04724506608b8255d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: tesla.sparkstation.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/WebObjects/details.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/WebObjects/details.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: public
Date: Wed, 10 Jan 2018 21:07:46 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Jan 2018 21:07:42 GMT
Server: nginx
X-Nginx-Cache-Status: MISS
Cache-Control: max-age=5184000
X-Server-Powered-By: Engintron
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 509
X-XSS-Protection: 1; mode=block
Expires: Sun, 11 Mar 2018 21:07:46 GMT

GET
H/1.1 200
OK dite-logo.png
tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/img/ 6 KB
0 245ms
245ms Image
image/png 180.210.207.119
SPARKSTATION-SG-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/img/dite-logo.png

Requested by

Host: tesla.sparkstation.net
URL: http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/js/jquery-1.8.2.min.js

Protocol

HTTP/1.1

Server

180.210.207.119 Singapore, Singapore, ASN45634 (SPARKSTATION-SG-AP 10 Science Park Road, SG),

Reverse DNS

tesla.sparkstation.net

Software

nginx /

Resource Hash

129a97f9b2716d52599ce5a4c20113b0302d6ebeb5d0ba81e1798afb8947e069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: tesla.sparkstation.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/css/style.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: public
Date: Wed, 10 Jan 2018 21:07:46 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Jan 2018 21:07:42 GMT
Server: nginx
X-Nginx-Cache-Status: MISS
Cache-Control: max-age=5184000
X-Server-Powered-By: Engintron
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 5952
X-XSS-Protection: 1; mode=block
Expires: Sun, 11 Mar 2018 21:07:46 GMT

GET
H/1.1 200
OK bg-video-upload-failed.png
tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/itc/images/ 95 KB
0 252ms
252ms Image
image/png 180.210.207.119
SPARKSTATION-SG-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/itc/images/bg-video-upload-failed.png

Requested by

Host: tesla.sparkstation.net
URL: http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/js/jquery-1.8.2.min.js

Protocol

HTTP/1.1

Server

180.210.207.119 Singapore, Singapore, ASN45634 (SPARKSTATION-SG-AP 10 Science Park Road, SG),

Reverse DNS

tesla.sparkstation.net

Software

nginx /

Resource Hash

68f0aafe8b22fed0095fd532701d0a540c2cb5a7516b85374db88b324dd0f6a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: tesla.sparkstation.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/css/style.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://tesla.sparkstation.net/~magicamulets/uptdtlaodeiuinformhassanslawiipdemconfirmatinkdellaccoun58/59b16/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: public
Date: Wed, 10 Jan 2018 21:07:46 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Jan 2018 21:07:42 GMT
Server: nginx
X-Nginx-Cache-Status: MISS
Cache-Control: max-age=5184000
X-Server-Powered-By: Engintron
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 97122
X-XSS-Protection: 1; mode=block
Expires: Sun, 11 Mar 2018 21:07:46 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: iTunes Connect (Online)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onafterprint object| onbeforeprint function| $ function| jQuery

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

tesla.sparkstation.net
180.210.207.119
0474cd0982c7574277a4c9f29382219b8ead2cf11c24d994c9898bae1f744e45
129a97f9b2716d52599ce5a4c20113b0302d6ebeb5d0ba81e1798afb8947e069
253a38477cddd18bb331c30d0f6edb8bafec05c64976693bb9d25f6d206306cf
275b7a867831a923bb2ab17160004afef43973ac2192b04724506608b8255d99
282e531dd067f4e6055c61f12a880aeb9483354b077ac774af215b0d9956ffcd
2ba5b35775d5be7e8d0c34d1d69e97e93a520e0cd97e7e71fdbbf8e7116f1e15
68f0aafe8b22fed0095fd532701d0a540c2cb5a7516b85374db88b324dd0f6a9
a45c0c4996475801790852b73f2d0e1c5d822c951a808a24864eb4d8292994be
cd363d0f8425d6b271c14ee5d6a8d693c3aa1323b64979b69c69d26661927303
d841754163f6d3f7a257af53c78c476857b03f211f41f931204a840770a089bb
f23d4b309b72743aa8afe1f8c98a25b3ee31246fa572c66d9d8cb1982cae4fbc

tesla.sparkstation.net Open in urlscan Pro 180.210.207.119 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

0 kBTransfer

351 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

tesla.sparkstation.net Open in urlscan Pro
180.210.207.119 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

0 kB
Transfer

351 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!