lasdcalls.com Open in urlscan Pro
213.134.2.192 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://lasdcalls.com/bJngJhfw
Submission: On December 11 via api (December 11th 2024, 2:17:51 pm UTC) from RU — Scanned from US

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 20 HTTP transactions. The main IP is 213.134.2.192, located in Kyiv, Ukraine and belongs to ITLDC-EU GREEN FLOID LLC, US. The main domain is lasdcalls.com.
TLS certificate: Issued by E5 on November 14th 2024. Valid for: 3 months.

This is the only time lasdcalls.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: SberBank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
14	213.134.2.192 213.134.2.192	21100 (ITLDC-EU ...) (ITLDC-EU GREEN FLOID LLC)
4	164.90.85.189 164.90.85.189	10122 (NETSTAR-A...) (NETSTAR-AS-AP NETSTAR SG PTE. LTD.)
1	3.167.37.99 3.167.37.99	16509 (AMAZON-02) (AMAZON-02)
1	164.90.85.221 164.90.85.221	10122 (NETSTAR-A...) (NETSTAR-AS-AP NETSTAR SG PTE. LTD.)
20	5

14 213.134.2.192 (Kyiv, Ukraine)

ASN21100 (ITLDC-EU GREEN FLOID LLC, US)
PTR: trafl165435.vds

lasdcalls.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 164.90.85.189 (United States)

ASN10122 (NETSTAR-AS-AP NETSTAR SG PTE. LTD., SG)

api.imotech.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.affiliations.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.167.37.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-37-99.iad61.r.cloudfront.net

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 164.90.85.221 (United States)

ASN10122 (NETSTAR-AS-AP NETSTAR SG PTE. LTD., SG)

api.affiliations.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	lasdcalls.com lasdcalls.com	734 KB
4	affiliations.site api.affiliations.site	652 B
1	branch.io cdn.branch.io — Cisco Umbrella Rank: 981	23 KB
1	imotech.video api.imotech.video — Cisco Umbrella Rank: 63332	23 KB
20	4

	Domain	Requested by
14	lasdcalls.com	lasdcalls.com
4	api.affiliations.site	api.imotech.video
1	cdn.branch.io	lasdcalls.com
1	api.imotech.video	lasdcalls.com
20	4

This site contains no links.

Subject Issuer	Validity	Valid
arkicol.com E5	`2024-11-14` - `2025-02-12`	3 months	crt.sh
*.imotech.video GlobalSign GCC R6 AlphaSSL CA 2023	`2024-06-03` - `2025-07-05`	a year	crt.sh
*.branch.io Amazon RSA 2048 M03	`2024-08-11` - `2025-09-09`	a year	crt.sh
*.affiliations.site GlobalSign GCC R6 AlphaSSL CA 2023	`2024-12-02` - `2026-01-03`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://lasdcalls.com/bJngJhfw
Frame ID: 3BC070D1D26454F2C0442AD7D1B5B62F
Requests: 20 HTTP requests in this frame

Frame: https://api.affiliations.site/ad/pixelfile.html
Frame ID: 2C45C94BEE04CE4C050FDA69CBAEC412
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Получите доступ к доходу от 92 000 рублей на платформе от

Page Statistics

20
Requests

30 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

781 kB
Transfer

1681 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request bJngJhfw Show response lasdcalls.com/	227 KB 158 KB	870ms 284ms	Document text/html	213.134.2.192 ITLDC-EU GREEN FL...
General Check archive.org Show headers Download Go to Full URL https://lasdcalls.com/bJngJhfw Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 213.134.2.192 Kyiv, Ukraine, ASN21100 (ITLDC-EU GREEN FLOID LLC, US), Reverse DNS trafl165435.vds Software nginx / Resource Hash `dfaaa5be655ff2d81c2277a7d5b5b7fe43bde6179c1217abe12e3ce930713e6b` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=utf-8 Date Wed, 11 Dec 2024 14:17:44 GMT Expires Wed, 11 Dec 2024 14:17:44 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding
GET H/1.1	200 OK	bg_180.png lasdcalls.com/lander/sber-180-mint--sber-chat-daddy-/images/	238 KB 239 KB	774ms 331ms	Image image/png	213.134.2.192 ITLDC-EU GREEN FL...
General Check archive.org Show headers Download Go to Show image Full URL https://lasdcalls.com/lander/sber-180-mint--sber-chat-daddy-/images/bg_180.png Requested by Host: lasdcalls.com URL: https://lasdcalls.com/bJngJhfw Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 213.134.2.192 Kyiv, Ukraine, ASN21100 (ITLDC-EU GREEN FLOID LLC, US), Reverse DNS trafl165435.vds Software nginx / Resource Hash `9e0c93ff9ff4c5837e632e0be3840d7bb6692d64851df3768d62000896680976` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://lasdcalls.com/bJngJhfw Response headers Cache-Control max-age=864000 ETag "6749802c-3b909" Connection keep-alive Expires Sat, 21 Dec 2024 14:17:45 GMT Accept-Ranges bytes Access-Control-Allow-Origin * Content-Length 243977 Date Wed, 11 Dec 2024 14:17:45 GMT Content-Type image/png Last-Modified Fri, 29 Nov 2024 08:49:48 GMT Server nginx
GET H/1.1	200 OK	290467364b811314.css lasdcalls.com/lander/sber-180-mint--sber-chat-daddy-/_next/static/css/	44 KB 9 KB	570ms 144ms	Stylesheet text/css	213.134.2.192 ITLDC-EU GREEN FL...
General Check archive.org Show headers Download Go to Full URL https://lasdcalls.com/lander/sber-180-mint--sber-chat-daddy-/_next/static/css/290467364b811314.css Requested by Host: lasdcalls.com URL: https://lasdcalls.com/bJngJhfw Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 213.134.2.192 Kyiv, Ukraine, ASN21100 (ITLDC-EU GREEN FLOID LLC, US), Reverse DNS trafl165435.vds Software nginx / Resource Hash `cec1fb01ff480d66ed8925764ee1a8c210e898d0f192856fc060df61b181c903` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://lasdcalls.com/bJngJhfw Response headers Transfer-Encoding chunked Cache-Control max-age=864000 Content-Encoding gzip ETag W/"6749802c-b042" Connection keep-alive Expires Sat, 21 Dec 2024 14:17:45 GMT Access-Control-Allow-Origin * Date Wed, 11 Dec 2024 14:17:45 GMT Content-Type text/css Last-Modified Fri, 29 Nov 2024 08:49:48 GMT Server nginx
GET H/1.1	200 OK	webpack-4d0cdf32518f9bb7.js Show response lasdcalls.com/lander/sber-180-mint--sber-chat-daddy-/_next/static/chunks/	3 KB 4 KB	531ms 240ms	Script application/javascript	213.134.2.192 ITLDC-EU GREEN FL...
General Check archive.org Show headers Download Go to Full URL https://lasdcalls.com/lander/sber-180-mint--sber-chat-daddy-/_next/static/chunks/webpack-4d0cdf32518f9bb7.js Requested by Host: lasdcalls.com URL: https://lasdcalls.com/bJngJhfw Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 213.134.2.192 Kyiv, Ukraine, ASN21100 (ITLDC-EU GREEN FLOID LLC, US), Reverse DNS trafl165435.vds Software nginx / Resource Hash `c375e8b83480a6cd6c441d37d8fb10e2fb5e4df852750b69a5b9ee85d7484fd7` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://lasdcalls.com/bJngJhfw Response headers Cache-Control max-age=864000 ETag "6749802c-de6" Connection keep-alive Expires Sat, 21 Dec 2024 14:17:45 GMT Accept-Ranges bytes Access-Control-Allow-Origin * Content-Length 3558 Date Wed, 11 Dec 2024 14:17:45 GMT Content-Type application/javascript Last-Modified Fri, 29 Nov 2024 08:49:48 GMT Server nginx
GET H/1.1	200 OK	67cfe1a8-2fc55acb4a00f961.js Show response lasdcalls.com/lander/sber-180-mint--sber-chat-daddy-/_next/static/chunks/	169 KB 53 KB	786ms 386ms	Script application/javascript	213.134.2.192 ITLDC-EU GREEN FL...
General Check archive.org Show headers Download Go to Full URL https://lasdcalls.com/lander/sber-180-mint--sber-chat-daddy-/_next/static/chunks/67cfe1a8-2fc55acb4a00f961.js Requested by Host: lasdcalls.com URL: https://lasdcalls.com/bJngJhfw Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 213.134.2.192 Kyiv, Ukraine, ASN21100 (ITLDC-EU GREEN FLOID LLC, US), Reverse DNS trafl165435.vds Software nginx / Resource Hash `408fa4202fb7215854b8df73fdf975ab2f598f54b2c0f7a04b9e8a11772e2e44` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://lasdcalls.com/bJngJhfw Response headers Transfer-Encoding chunked Cache-Control max-age=864000 Content-Encoding gzip ETag W/"6749802c-2a31f" Connection keep-alive Expires Sat, 21 Dec 2024 14:17:45 GMT Access-Control-Allow-Origin * Date Wed, 11 Dec 2024 14:17:45 GMT Content-Type application/javascript Last-Modified Fri, 29 Nov 2024 08:49:48 GMT Server nginx
GET H/1.1	200 OK	221-89baa616a8f4e3e1.js Show response lasdcalls.com/lander/sber-180-mint--sber-chat-daddy-/_next/static/chunks/	121 KB 31 KB	624ms 224ms	Script application/javascript	213.134.2.192 ITLDC-EU GREEN FL...
General Check archive.org Show headers Download Go to Full URL https://lasdcalls.com/lander/sber-180-mint--sber-chat-daddy-/_next/static/chunks/221-89baa616a8f4e3e1.js Requested by Host: lasdcalls.com URL: https://lasdcalls.com/bJngJhfw Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 213.134.2.192 Kyiv, Ukraine, ASN21100 (ITLDC-EU GREEN FLOID LLC, US), Reverse DNS trafl165435.vds Software nginx / Resource Hash `7d337a8dd4c9965b9e18b0ed60d86565a6be0ca72580aee934e1d6f4d979c3bd` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://lasdcalls.com/bJngJhfw Response headers Transfer-Encoding chunked Cache-Control max-age=864000 Content-Encoding gzip ETag W/"6749802c-1e28f" Connection keep-alive Expires Sat, 21 Dec 2024 14:17:45 GMT Access-Control-Allow-Origin * Date Wed, 11 Dec 2024 14:17:45 GMT Content-Type application/javascript Last-Modified Fri, 29 Nov 2024 08:49:48 GMT Server nginx
GET H/1.1	200 OK	main-app-dbf50e69db881d85.js Show response lasdcalls.com/lander/sber-180-mint--sber-chat-daddy-/_next/static/chunks/	463 B 810 B	520ms 119ms	Script application/javascript	213.134.2.192 ITLDC-EU GREEN FL...
General Check archive.org Show headers Download Go to Full URL https://lasdcalls.com/lander/sber-180-mint--sber-chat-daddy-/_next/static/chunks/main-app-dbf50e69db881d85.js Requested by Host: lasdcalls.com URL: https://lasdcalls.com/bJngJhfw Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 213.134.2.192 Kyiv, Ukraine, ASN21100 (ITLDC-EU GREEN FLOID LLC, US), Reverse DNS trafl165435.vds Software nginx / Resource Hash `440bf9c36aa3a1de68e61fe9f381477706197cb6cc46258e786afbcacd5802e5` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://lasdcalls.com/bJngJhfw Response headers Cache-Control max-age=864000 ETag "6749802c-1cf" Connection keep-alive Expires Sat, 21 Dec 2024 14:17:45 GMT Accept-Ranges bytes Access-Control-Allow-Origin * Content-Length 463 Date Wed, 11 Dec 2024 14:17:45 GMT Content-Type application/javascript Last-Modified Fri, 29 Nov 2024 08:49:48 GMT Server nginx
GET H/1.1	200 OK	3723546d-cf7ac19b252cd23a.js Show response lasdcalls.com/lander/sber-180-mint--sber-chat-daddy-/_next/static/chunks/	693 B 1 KB	106ms 105ms	Script application/javascript	213.134.2.192 ITLDC-EU GREEN FL...
General Check archive.org Show headers Download Go to Full URL https://lasdcalls.com/lander/sber-180-mint--sber-chat-daddy-/_next/static/chunks/3723546d-cf7ac19b252cd23a.js Requested by Host: lasdcalls.com URL: https://lasdcalls.com/bJngJhfw Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 213.134.2.192 Kyiv, Ukraine, ASN21100 (ITLDC-EU GREEN FLOID LLC, US), Reverse DNS trafl165435.vds Software nginx / Resource Hash `9fcaa637ae5fbbebb862692b83eefadf49e29f74dd90ae6f2d160604dd2cfe06` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://lasdcalls.com/bJngJhfw Response headers Cache-Control max-age=864000 ETag "6749802c-2b5" Connection keep-alive Expires Sat, 21 Dec 2024 14:17:45 GMT Accept-Ranges bytes Access-Control-Allow-Origin * Content-Length 693 Date Wed, 11 Dec 2024 14:17:45 GMT Content-Type application/javascript Last-Modified Fri, 29 Nov 2024 08:49:48 GMT Server nginx
GET H/1.1	200 OK	214-1bbec1791f16840b.js Show response lasdcalls.com/lander/sber-180-mint--sber-chat-daddy-/_next/static/chunks/	27 KB 9 KB	181ms 181ms	Script application/javascript	213.134.2.192 ITLDC-EU GREEN FL...
General Check archive.org Show headers Download Go to Full URL https://lasdcalls.com/lander/sber-180-mint--sber-chat-daddy-/_next/static/chunks/214-1bbec1791f16840b.js Requested by Host: lasdcalls.com URL: https://lasdcalls.com/bJngJhfw Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 213.134.2.192 Kyiv, Ukraine, ASN21100 (ITLDC-EU GREEN FLOID LLC, US), Reverse DNS trafl165435.vds Software nginx / Resource Hash `41904d289d70caead18600df61b9d69f3b8d07ba571b808f6a1cdaeaabede6b5` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://lasdcalls.com/bJngJhfw Response headers Transfer-Encoding chunked Cache-Control max-age=864000 Content-Encoding gzip ETag W/"6749802c-6a3a" Connection keep-alive Expires Sat, 21 Dec 2024 14:17:45 GMT Access-Control-Allow-Origin * Date Wed, 11 Dec 2024 14:17:45 GMT Content-Type application/javascript Last-Modified Fri, 29 Nov 2024 08:49:48 GMT Server nginx
GET H/1.1	200 OK	219-47118f34724e9725.js Show response lasdcalls.com/lander/sber-180-mint--sber-chat-daddy-/_next/static/chunks/	425 KB 118 KB	149ms 149ms	Script application/javascript	213.134.2.192 ITLDC-EU GREEN FL...
General Check archive.org Show headers Download Go to Full URL https://lasdcalls.com/lander/sber-180-mint--sber-chat-daddy-/_next/static/chunks/219-47118f34724e9725.js Requested by Host: lasdcalls.com URL: https://lasdcalls.com/bJngJhfw Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 213.134.2.192 Kyiv, Ukraine, ASN21100 (ITLDC-EU GREEN FLOID LLC, US), Reverse DNS trafl165435.vds Software nginx / Resource Hash `27d5cc486252c80eed1cc824c424e574fc744ae687972edcc0b07d1ca5e6087b` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://lasdcalls.com/bJngJhfw Response headers Transfer-Encoding chunked Cache-Control max-age=864000 Content-Encoding gzip ETag W/"6749802c-6a498" Connection keep-alive Expires Sat, 21 Dec 2024 14:17:45 GMT Access-Control-Allow-Origin * Date Wed, 11 Dec 2024 14:17:45 GMT Content-Type application/javascript Last-Modified Fri, 29 Nov 2024 08:49:48 GMT Server nginx
GET H/1.1	200 OK	939-ed3b468d651f9355.js Show response lasdcalls.com/lander/sber-180-mint--sber-chat-daddy-/_next/static/chunks/	10 KB 4 KB	138ms 138ms	Script application/javascript	213.134.2.192 ITLDC-EU GREEN FL...
General Check archive.org Show headers Download Go to Full URL https://lasdcalls.com/lander/sber-180-mint--sber-chat-daddy-/_next/static/chunks/939-ed3b468d651f9355.js Requested by Host: lasdcalls.com URL: https://lasdcalls.com/bJngJhfw Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 213.134.2.192 Kyiv, Ukraine, ASN21100 (ITLDC-EU GREEN FLOID LLC, US), Reverse DNS trafl165435.vds Software nginx / Resource Hash `050543971eeac5d6b1cccab9a534dbd581fc1be970fa9f301eb90b2fac05b1c6` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://lasdcalls.com/bJngJhfw Response headers Transfer-Encoding chunked Cache-Control max-age=864000 Content-Encoding gzip ETag W/"6749802c-270e" Connection keep-alive Expires Sat, 21 Dec 2024 14:17:45 GMT Access-Control-Allow-Origin * Date Wed, 11 Dec 2024 14:17:45 GMT Content-Type application/javascript Last-Modified Fri, 29 Nov 2024 08:49:48 GMT Server nginx
GET H/1.1	200 OK	page-8f9221e6b8ec16c0.js Show response lasdcalls.com/lander/sber-180-mint--sber-chat-daddy-/_next/static/chunks/app/	158 KB 104 KB	151ms 151ms	Script application/javascript	213.134.2.192 ITLDC-EU GREEN FL...
General Check archive.org Show headers Download Go to Full URL https://lasdcalls.com/lander/sber-180-mint--sber-chat-daddy-/_next/static/chunks/app/page-8f9221e6b8ec16c0.js Requested by Host: lasdcalls.com URL: https://lasdcalls.com/bJngJhfw Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 213.134.2.192 Kyiv, Ukraine, ASN21100 (ITLDC-EU GREEN FLOID LLC, US), Reverse DNS trafl165435.vds Software nginx / Resource Hash `cc5f9c8909a61aa5ba14b4ba80d553da86516f5ebc6bb43be46a246f69f37240` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://lasdcalls.com/bJngJhfw Response headers Transfer-Encoding chunked Cache-Control max-age=864000 Content-Encoding gzip ETag W/"6749802c-27848" Connection keep-alive Expires Sat, 21 Dec 2024 14:17:45 GMT Access-Control-Allow-Origin * Date Wed, 11 Dec 2024 14:17:45 GMT Content-Type application/javascript Last-Modified Fri, 29 Nov 2024 08:49:48 GMT Server nginx
GET H/1.1	200 OK	635-5f2cab273f5e0921.js Show response lasdcalls.com/lander/sber-180-mint--sber-chat-daddy-/_next/static/chunks/	7 KB 3 KB	138ms 138ms	Script application/javascript	213.134.2.192 ITLDC-EU GREEN FL...
General Check archive.org Show headers Download Go to Full URL https://lasdcalls.com/lander/sber-180-mint--sber-chat-daddy-/_next/static/chunks/635-5f2cab273f5e0921.js Requested by Host: lasdcalls.com URL: https://lasdcalls.com/bJngJhfw Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 213.134.2.192 Kyiv, Ukraine, ASN21100 (ITLDC-EU GREEN FLOID LLC, US), Reverse DNS trafl165435.vds Software nginx / Resource Hash `053dce4170a3cfb99f0740049f5870f5831b8c4435c86bc9fde32b8d2cdd0e39` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://lasdcalls.com/bJngJhfw Response headers Transfer-Encoding chunked Cache-Control max-age=864000 Content-Encoding gzip ETag W/"6749802c-1bb9" Connection keep-alive Expires Sat, 21 Dec 2024 14:17:45 GMT Access-Control-Allow-Origin * Date Wed, 11 Dec 2024 14:17:45 GMT Content-Type application/javascript Last-Modified Fri, 29 Nov 2024 08:49:48 GMT Server nginx
GET H/1.1	200 OK	layout-8a23ed485fbcd2fe.js Show response lasdcalls.com/lander/sber-180-mint--sber-chat-daddy-/_next/static/chunks/app/	5 KB 2 KB	135ms 134ms	Script application/javascript	213.134.2.192 ITLDC-EU GREEN FL...
General Check archive.org Show headers Download Go to Full URL https://lasdcalls.com/lander/sber-180-mint--sber-chat-daddy-/_next/static/chunks/app/layout-8a23ed485fbcd2fe.js Requested by Host: lasdcalls.com URL: https://lasdcalls.com/bJngJhfw Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 213.134.2.192 Kyiv, Ukraine, ASN21100 (ITLDC-EU GREEN FLOID LLC, US), Reverse DNS trafl165435.vds Software nginx / Resource Hash `c947bce64d6610ade395db5ededdef0c10b96be57db9a8e95a32be6e20ec97e6` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://lasdcalls.com/bJngJhfw Response headers Transfer-Encoding chunked Cache-Control max-age=864000 Content-Encoding gzip ETag W/"6749802c-1448" Connection keep-alive Expires Sat, 21 Dec 2024 14:17:45 GMT Access-Control-Allow-Origin * Date Wed, 11 Dec 2024 14:17:45 GMT Content-Type application/javascript Last-Modified Fri, 29 Nov 2024 08:49:48 GMT Server nginx
GET DATA	200 OK	truncated /	103 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `99ca24887d2b1c9e2fc220bd201d4565210aeccff8b0ae279b995de5ed0e97d1` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers Content-Type image/png
GET H2	200	events.js Show response api.imotech.video/ad/	69 KB 23 KB	1042ms 403ms	Script application/javascript	164.90.85.189 NETSTAR-AS-AP NET...
General Check archive.org Show headers Download Go to Full URL https://api.imotech.video/ad/events.js?pixel_id=null Requested by Host: lasdcalls.com URL: https://lasdcalls.com/bJngJhfw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 164.90.85.189 , United States, ASN10122 (NETSTAR-AS-AP NETSTAR SG PTE. LTD., SG), Reverse DNS Software openresty / Resource Hash `80a4ca8631f31f57537fb22e842d56fedb21d4b8678b3b15ec85188125755d17` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://lasdcalls.com/ Response headers cache-control private, max-age=900 content-encoding gzip bigotraceresponse 00-442d52655bf950929965ac895146854c-0-00 access-control-allow-origin * content-length 23562 date Wed, 11 Dec 2024 14:17:46 GMT content-type application/javascript;charset=utf-8 server openresty
GET H2	200	branch-2.85.0.min.js Show response cdn.branch.io/	75 KB 23 KB	271ms 92ms	Script text/javascript	3.167.37.99 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.branch.io/branch-2.85.0.min.js Requested by Host: lasdcalls.com URL: https://lasdcalls.com/bJngJhfw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.167.37.99 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-167-37-99.iad61.r.cloudfront.net Software AmazonS3 / Resource Hash `d8c436394846ea20127a8db032f848015d4d239789429b7e0202609089b5525a` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://lasdcalls.com/ Response headers cache-control max-age=300 content-encoding gzip x-amz-version-id 6_R.7D9khEe5gWwdGOKSODxCVlqD6lua etag "f4ec9657a3dc111d088e2eca7b9796a4" age 204 via 1.1 0431e23c0344851eeb0c8f1f10c6edc4.cloudfront.net (CloudFront) x-cache Hit from cloudfront content-length 23431 x-amz-cf-id RjKtGzbXWghqe2zoTvB15FlQ4MrBPlZ2R0PCxMznoHR7X8bFKs_OUA== date Wed, 11 Dec 2024 14:14:23 GMT content-type text/javascript last-modified Fri, 28 Jun 2024 05:58:13 GMT server AmazonS3 x-amz-cf-pop IAD61-P4
POST H2	200	trackingview api.affiliations.site/bigoad/	104 B 218 B	833ms 145ms	Ping application/json	164.90.85.189 NETSTAR-AS-AP NET...
General Check archive.org Show headers Download Go to Full URL https://api.affiliations.site/bigoad/trackingview?extra=%7B%22action%22%3A%22no_dsp_config%22%2C%22pixel_id%22%3A%22%22%2C%22wst%22%3A871%2C%22drt%22%3A1467%2C%22tdt%22%3A2004%2C%22lgt%22%3A3095%7D&pixel_id=log_pixel_id Requested by Host: api.imotech.video URL: https://api.imotech.video/ad/events.js?pixel_id=null Protocol H2 Security TLS 1.3, , AES_128_GCM Server 164.90.85.189 , United States, ASN10122 (NETSTAR-AS-AP NETSTAR SG PTE. LTD., SG), Reverse DNS Software openresty / Resource Hash `5c8126712998182745c27afab3e46b53cd7bd14314ca2ad3e5d3a70714500fd7` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://lasdcalls.com/ Response headers bigotraceresponse 00-187c710eb95e06903a48a02eec8a4687-0-00 content-length 104 date Wed, 11 Dec 2024 14:17:47 GMT content-type application/json server openresty
POST H2	200	trackingview api.affiliations.site/bigoad/	104 B 217 B	833ms 146ms	Ping application/json	164.90.85.189 NETSTAR-AS-AP NET...
General Check archive.org Show headers Download Go to Full URL https://api.affiliations.site/bigoad/trackingview?extra=%7B%22action%22%3A%22log_iframe_bbg%22%2C%22pixel_id%22%3A%22%22%2C%22wst%22%3A871%2C%22drt%22%3A1467%2C%22tdt%22%3A2004%2C%22lgt%22%3A3097%7D&pixel_id=log_pixel_id Requested by Host: api.imotech.video URL: https://api.imotech.video/ad/events.js?pixel_id=null Protocol H2 Security TLS 1.3, , AES_128_GCM Server 164.90.85.189 , United States, ASN10122 (NETSTAR-AS-AP NETSTAR SG PTE. LTD., SG), Reverse DNS Software openresty / Resource Hash `4b5397c1e80896bd85ea5e96b96bd5db67d0a1a0de0de51563361a5831810bf5` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://lasdcalls.com/ Response headers bigotraceresponse 00-330b6a7540d08defbe0a72d036f578ef-0-00 content-length 104 date Wed, 11 Dec 2024 14:17:47 GMT content-type application/json server openresty
GET H2	200	pixelfile.html api.affiliations.site/ad/ Frame 2C45	0 0	881ms 203ms	Document text/html	164.90.85.221 NETSTAR-AS-AP NET...
General Check archive.org Show headers Download Go to Full URL https://api.affiliations.site/ad/pixelfile.html Requested by Host: api.imotech.video URL: https://api.imotech.video/ad/events.js?pixel_id=null Protocol H2 Security TLS 1.3, , AES_128_GCM Server 164.90.85.221 , United States, ASN10122 (NETSTAR-AS-AP NETSTAR SG PTE. LTD., SG), Reverse DNS Software openresty / Resource Hash Request headers Referer https://lasdcalls.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers bigotraceresponse 00-356b3cee4557dbc253853d8e29710849-0-00 content-encoding gzip content-type text/html;charset=utf-8 date Wed, 11 Dec 2024 14:17:47 GMT server openresty
POST H2	200	trackingview api.affiliations.site/bigoad/	104 B 217 B	136ms 135ms	Ping application/json	164.90.85.189 NETSTAR-AS-AP NET...
General Check archive.org Show headers Download Go to Full URL https://api.affiliations.site/bigoad/trackingview?extra=%7B%22action%22%3A%22log_no_bbg%22%2C%22pixel_id%22%3A%22%22%2C%22wst%22%3A871%2C%22drt%22%3A1467%2C%22tdt%22%3A2004%2C%22lgt%22%3A4051%7D&pixel_id=log_pixel_id Requested by Host: api.imotech.video URL: https://api.imotech.video/ad/events.js?pixel_id=null Protocol H2 Security TLS 1.3, , AES_128_GCM Server 164.90.85.189 , United States, ASN10122 (NETSTAR-AS-AP NETSTAR SG PTE. LTD., SG), Reverse DNS Software openresty / Resource Hash `c89b5e5f9e5e2492a930b0fd3b1578675aa7442a42d2a5c375ed59f084a46ea0` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://lasdcalls.com/ Response headers bigotraceresponse 00-35d1c50474c2a0d1f5e0aac9f2d7181a-0-00 content-length 104 date Wed, 11 Dec 2024 14:17:48 GMT content-type application/json server openresty

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: SberBank (Banking)

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
lasdcalls.com/	1970-01-21 02:23:25	Name: _subid Value: 3kgf3qf1vvia
lasdcalls.com/	1970-01-21 01:40:13	Name: 2f0d1 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjYyXCI6MTczMzkyNjY2NH0sXCJjYW1wYWlnbnNcIjp7XCIzNFwiOjE3MzM5MjY2NjR9LFwidGltZVwiOjE3MzM5MjY2NjR9In0.l2kkNngT1z7UdKgWKxb3rkXERV9JWCfE5ktjhFqqvQ8
lasdcalls.com/	1970-01-21 02:23:25	Name: _token Value: uuid_3kgf3qf1vvia_3kgf3qf1vvia67599f08b18b86.13770074
lasdcalls.com/	1970-01-21 11:14:46	Name: _bge_ci Value: BA1.1.8766695731.1733926667

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://lasdcalls.com/bJngJhfw Message: Subresource Integrity: The resource 'https://cdn.branch.io/branch-2.85.0.min.js' has an integrity attribute, but the resource requires the request to be CORS enabled to check the integrity, and it is not. The resource has been blocked because the integrity cannot be enforced.
security	error	URL: https://lasdcalls.com/bJngJhfw Message: Subresource Integrity: The resource 'https://cdn.branch.io/branch-2.85.0.min.js' has an integrity attribute, but the resource requires the request to be CORS enabled to check the integrity, and it is not. The resource has been blocked because the integrity cannot be enforced.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.affiliations.site
api.imotech.video
cdn.branch.io
lasdcalls.com
164.90.85.189
164.90.85.221
213.134.2.192
3.167.37.99
050543971eeac5d6b1cccab9a534dbd581fc1be970fa9f301eb90b2fac05b1c6
053dce4170a3cfb99f0740049f5870f5831b8c4435c86bc9fde32b8d2cdd0e39
27d5cc486252c80eed1cc824c424e574fc744ae687972edcc0b07d1ca5e6087b
408fa4202fb7215854b8df73fdf975ab2f598f54b2c0f7a04b9e8a11772e2e44
41904d289d70caead18600df61b9d69f3b8d07ba571b808f6a1cdaeaabede6b5
440bf9c36aa3a1de68e61fe9f381477706197cb6cc46258e786afbcacd5802e5
4b5397c1e80896bd85ea5e96b96bd5db67d0a1a0de0de51563361a5831810bf5
5c8126712998182745c27afab3e46b53cd7bd14314ca2ad3e5d3a70714500fd7
7d337a8dd4c9965b9e18b0ed60d86565a6be0ca72580aee934e1d6f4d979c3bd
80a4ca8631f31f57537fb22e842d56fedb21d4b8678b3b15ec85188125755d17
99ca24887d2b1c9e2fc220bd201d4565210aeccff8b0ae279b995de5ed0e97d1
9e0c93ff9ff4c5837e632e0be3840d7bb6692d64851df3768d62000896680976
9fcaa637ae5fbbebb862692b83eefadf49e29f74dd90ae6f2d160604dd2cfe06
c375e8b83480a6cd6c441d37d8fb10e2fb5e4df852750b69a5b9ee85d7484fd7
c89b5e5f9e5e2492a930b0fd3b1578675aa7442a42d2a5c375ed59f084a46ea0
c947bce64d6610ade395db5ededdef0c10b96be57db9a8e95a32be6e20ec97e6
cc5f9c8909a61aa5ba14b4ba80d553da86516f5ebc6bb43be46a246f69f37240
cec1fb01ff480d66ed8925764ee1a8c210e898d0f192856fc060df61b181c903
d8c436394846ea20127a8db032f848015d4d239789429b7e0202609089b5525a
dfaaa5be655ff2d81c2277a7d5b5b7fe43bde6179c1217abe12e3ce930713e6b

lasdcalls.com Open in urlscan Pro 213.134.2.192 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

20 Requests

30 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

5 IPs

2 Countries

781 kBTransfer

1681 kBSize

4 Cookies

0 Outgoing links

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

15 JavaScript Global Variables

4 Cookies

2 Console Messages

Indicators

lasdcalls.com Open in urlscan Pro
213.134.2.192 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

30 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

781 kB
Transfer

1681 kB
Size

4
Cookies

20 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!