play-samp.ru - urlscan.io

Summary

This website contacted 2 IPs in 1 countries across 3 domains to perform 5 HTTP transactions. The main IP is 185.159.131.4, located in Russian Federation and belongs to ITOS-AS, RU. The main domain is play-samp.ru.
TLS certificate: Issued by R3 on November 28th 2021. Valid for: 3 months.

This is the only time play-samp.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
3	185.159.131.4 185.159.131.4		64439 (ITOS-AS) (ITOS-AS)
5	2

3 185.159.131.4 (Russian Federation)

ASN64439 (ITOS-AS, RU)

play-samp.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	play-samp.ru play-samp.ru	10 KB
0	vk.com Failed vk.com Failed
0	googlecode.com Failed html5shiv.googlecode.com Failed
5	3

	Domain	Requested by
3	play-samp.ru	play-samp.ru
0	vk.com Failed	play-samp.ru
0	html5shiv.googlecode.com Failed	play-samp.ru
5	3

This site contains links to these domains. Also see Links.

Domain
vk.com

Subject Issuer	Validity	Valid
play-samp.ru R3	`2021-11-28` - `2022-02-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://play-samp.ru/
Frame ID: 00D766E74A5EC6B29AC793C937B65B5B
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Virtual Drift

Page Statistics

5
Requests

60 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

10 kB
Transfer

25 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://vk.com/play_samp
Title: Vk

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response play-samp.ru/	2 KB 1 KB	224ms 50ms	Document text/html	185.159.131.4 ITOS-AS
General Check archive.org Show headers Download Go to Full URL https://play-samp.ru/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.159.131.4 , Russian Federation, ASN64439 (ITOS-AS, RU), Reverse DNS Software Apache / Resource Hash `61e139b62ba6f6c9e093d2cb2eb9cc71759552670efd4bf09eaeb17043c55390` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Date Sat, 18 Dec 2021 20:35:34 GMT Server Apache Last-Modified Sun, 28 Nov 2021 09:43:01 GMT Accept-Ranges bytes Vary Accept-Encoding,User-Agent Content-Encoding gzip Content-Length 849 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html
GET H/1.1	200 OK	skel.min.js Show response play-samp.ru/js/	20 KB 8 KB	50ms 49ms	Script application/javascript	185.159.131.4 ITOS-AS
General Check archive.org Show headers Download Go to Full URL https://play-samp.ru/js/skel.min.js Requested by Host: play-samp.ru URL: https://play-samp.ru/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.159.131.4 , Russian Federation, ASN64439 (ITOS-AS, RU), Reverse DNS Software Apache / Resource Hash `62735f2878755a68aae18c0dbfd230f8995f58bc388f04a14e315112a18cb899` Request headers Accept-Language de-DE,de;q=0.9 Referer https://play-samp.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Sat, 18 Dec 2021 20:35:34 GMT Content-Encoding gzip Last-Modified Sun, 28 Nov 2021 09:32:01 GMT Server Apache Vary Accept-Encoding,User-Agent Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 7473
GET H/1.1	200 OK	init.js Show response play-samp.ru/js/	3 KB 1 KB	98ms 48ms	Script application/javascript	185.159.131.4 ITOS-AS
General Check archive.org Show headers Download Go to Full URL https://play-samp.ru/js/init.js Requested by Host: play-samp.ru URL: https://play-samp.ru/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.159.131.4 , Russian Federation, ASN64439 (ITOS-AS, RU), Reverse DNS Software Apache / Resource Hash `d7bc9ea26325e9d54942c6da516d340e0f413cb97a4fcb7908b378a6943ea6c0` Request headers Accept-Language de-DE,de;q=0.9 Referer https://play-samp.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Sat, 18 Dec 2021 20:35:34 GMT Content-Encoding gzip Last-Modified Tue, 14 Dec 2021 07:22:12 GMT Server Apache Vary Accept-Encoding,User-Agent Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 1123
GET		html5.js html5shiv.googlecode.com/svn/trunk/	0 0

GET		openapi.js vk.com/js/api/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: html5shiv.googlecode.com
URL: http://html5shiv.googlecode.com/svn/trunk/html5.js

Domain: vk.com
URL: http://vk.com/js/api/openapi.js

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| skel

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://play-samp.ru/ Message: Mixed Content: The page at 'https://play-samp.ru/' was loaded over HTTPS, but requested an insecure script 'http://html5shiv.googlecode.com/svn/trunk/html5.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://play-samp.ru/ Message: Mixed Content: The page at 'https://play-samp.ru/' was loaded over HTTPS, but requested an insecure script 'http://vk.com/js/api/openapi.js'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

html5shiv.googlecode.com
play-samp.ru
vk.com
html5shiv.googlecode.com
vk.com
185.159.131.4
61e139b62ba6f6c9e093d2cb2eb9cc71759552670efd4bf09eaeb17043c55390
62735f2878755a68aae18c0dbfd230f8995f58bc388f04a14e315112a18cb899
d7bc9ea26325e9d54942c6da516d340e0f413cb97a4fcb7908b378a6943ea6c0

play-samp.ru Open in urlscan Pro 185.159.131.4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

5 Requests

60 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

2 IPs

1 Countries

10 kBTransfer

25 kBSize

0 Cookies

1 Outgoing links

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

play-samp.ru Open in urlscan Pro
185.159.131.4 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

60 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

10 kB
Transfer

25 kB
Size

0
Cookies

5 HTTP transactions
0 data transactions