wstat.ru Open in urlscan Pro
217.199.217.44 Public Scan

URL:
https://wstat.ru/gms/?state=2
Submission: On March 27 via manual (March 27th 2018, 8:00:51 pm UTC) from RU

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 12 HTTP transactions. The main IP is 217.199.217.44, located in Russian Federation and belongs to QL-AS, RU. The main domain is wstat.ru.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on February 1st 2018. Valid for: a year.

This is the only time wstat.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	217.199.217.44 217.199.217.44	34221 (QL-AS) (QL-AS)
1	104.18.48.67 104.18.48.67	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
12	3

2 217.199.217.44 (Russian Federation)

ASN34221 (QL-AS, RU)
PTR: dev44.ucoz.net

wstat.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.48.67 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

api.4fsfrxhj.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	wstat.ru wstat.ru	119 KB
1	4fsfrxhj.info api.4fsfrxhj.info	450 B
12	2

	Domain	Requested by
2	wstat.ru	wstat.ru
1	api.4fsfrxhj.info	wstat.ru
12	2

This site contains no links.

Subject Issuer	Validity	Valid
wstat.ru COMODO RSA Domain Validation Secure Server CA	`2018-02-01` - `2019-02-01`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://wstat.ru/gms/?state=2
Frame ID: D44D1328C73CECE1CA3307DCD3B78571
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

12
Requests

17 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

119 kB
Transfer

1916 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response wstat.ru/gms/	3 KB 2 KB	269ms 53ms	Document text/html	217.199.217.44 QL-AS
General Check archive.org Show headers Download Go to Full URL https://wstat.ru/gms/?state=2 Protocol HTTP/1.1 Security TLS 1.0, RSA, AES_128_CBC Server 217.199.217.44 , Russian Federation, ASN34221 (QL-AS, RU), Reverse DNS dev44.ucoz.net Software uServ/3.2.2 / Resource Hash `084aa86bd1aeee7950082a4b29341678cdcead3635c5efa577926ea4c3e29b77` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host wstat.ru Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Cache-Control no-cache Connection keep-alive Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Pragma no-cache Date Tue, 27 Mar 2018 20:00:39 GMT Content-Encoding gzip Server uServ/3.2.2 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Cache-Control no-cache no-store Connection keep-alive Keep-Alive timeout=15
GET H/1.1	200 OK	wstat.js Show response wstat.ru/	339 KB 117 KB	106ms 99ms	Script text/javascript	217.199.217.44 QL-AS
General Check archive.org Show headers Download Go to Full URL https://wstat.ru/wstat.js Requested by Host: wstat.ru URL: https://wstat.ru/gms/?state=2 Protocol HTTP/1.1 Security TLS 1.0, RSA, AES_128_CBC Server 217.199.217.44 , Russian Federation, ASN34221 (QL-AS, RU), Reverse DNS dev44.ucoz.net Software uServ/3.2.2 / Resource Hash `f45458f0b87457d357b473a5691560dfede1877e67d208e44c8fd4bea764164e` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host wstat.ru User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept / Referer https://wstat.ru/gms/?state=2 Connection keep-alive Cache-Control no-cache Referer https://wstat.ru/gms/?state=2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Tue, 27 Mar 2018 20:00:39 GMT Content-Encoding gzip Last-Modified Tue, 30 Jan 2018 15:02:28 GMT Server uServ/3.2.2 Transfer-Encoding chunked Content-Type text/javascript Connection keep-alive Keep-Alive timeout=15
GET DATA	200 OK	truncated /	473 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `f097ea17ddc2202f9dd368089cb3bf808e758223c489e83df6b271b2f9ce39f2` Request headers Response headers Access-Control-Allow-Origin * Content-Type image/svg+xml
GET S	200	conf Show response api.4fsfrxhj.info/api/	30 B 450 B	88ms 37ms	XHR application/json	104.18.48.67 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://api.4fsfrxhj.info/api/conf?h=0f1175061b1cfaf760495f3a75060730 Requested by Host: wstat.ru URL: https://wstat.ru/gms/?state=2 Protocol SPDY Server 104.18.48.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `70276f7d1dc60d579905f767e26a9e491933e78656be225d6d59626272def953` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Referer https://wstat.ru/gms/?state=2 Origin https://wstat.ru Response headers date Tue, 27 Mar 2018 20:00:41 GMT content-encoding gzip server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 content-type application/json access-control-allow-origin * cache-control public, max-age=60 access-control-allow-credentials true cf-ray 402471d29a0c9792-FRA access-control-allow-headers *
GET BLOB	200 OK	c78b4d48-7871-492b-8064-650980c84d6c https://wstat.ru/	175 KB 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:https://wstat.ru/c78b4d48-7871-492b-8064-650980c84d6c Requested by Host: wstat.ru URL: https://wstat.ru/gms/?state=2 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash `bfefaf3fd316072283d1a9eed13a3071e2da767476c3de476568fd899fa25775` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Content-Length 179089
GET BLOB	200 OK	c78b4d48-7871-492b-8064-650980c84d6c https://wstat.ru/	175 KB 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:https://wstat.ru/c78b4d48-7871-492b-8064-650980c84d6c Requested by Host: wstat.ru URL: https://wstat.ru/gms/?state=2 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash `bfefaf3fd316072283d1a9eed13a3071e2da767476c3de476568fd899fa25775` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Content-Length 179089
GET BLOB	200 OK	c78b4d48-7871-492b-8064-650980c84d6c https://wstat.ru/	175 KB 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:https://wstat.ru/c78b4d48-7871-492b-8064-650980c84d6c Requested by Host: wstat.ru URL: https://wstat.ru/gms/?state=2 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash `bfefaf3fd316072283d1a9eed13a3071e2da767476c3de476568fd899fa25775` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Content-Length 179089
GET BLOB	200 OK	c78b4d48-7871-492b-8064-650980c84d6c https://wstat.ru/	175 KB 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:https://wstat.ru/c78b4d48-7871-492b-8064-650980c84d6c Requested by Host: wstat.ru URL: https://wstat.ru/gms/?state=2 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash `bfefaf3fd316072283d1a9eed13a3071e2da767476c3de476568fd899fa25775` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Content-Length 179089
GET BLOB	200 OK	c78b4d48-7871-492b-8064-650980c84d6c https://wstat.ru/	175 KB 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:https://wstat.ru/c78b4d48-7871-492b-8064-650980c84d6c Requested by Host: wstat.ru URL: https://wstat.ru/gms/?state=2 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash `bfefaf3fd316072283d1a9eed13a3071e2da767476c3de476568fd899fa25775` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Content-Length 179089
GET BLOB	200 OK	c78b4d48-7871-492b-8064-650980c84d6c https://wstat.ru/	175 KB 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:https://wstat.ru/c78b4d48-7871-492b-8064-650980c84d6c Requested by Host: wstat.ru URL: https://wstat.ru/gms/?state=2 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash `bfefaf3fd316072283d1a9eed13a3071e2da767476c3de476568fd899fa25775` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Content-Length 179089
GET BLOB	200 OK	c78b4d48-7871-492b-8064-650980c84d6c https://wstat.ru/	175 KB 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:https://wstat.ru/c78b4d48-7871-492b-8064-650980c84d6c Requested by Host: wstat.ru URL: https://wstat.ru/gms/?state=2 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash `bfefaf3fd316072283d1a9eed13a3071e2da767476c3de476568fd899fa25775` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Content-Length 179089
GET BLOB	200 OK	c78b4d48-7871-492b-8064-650980c84d6c https://wstat.ru/	175 KB 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:https://wstat.ru/c78b4d48-7871-492b-8064-650980c84d6c Requested by Host: wstat.ru URL: https://wstat.ru/gms/?state=2 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash `bfefaf3fd316072283d1a9eed13a3071e2da767476c3de476568fd899fa25775` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Content-Length 179089
GET BLOB	200 OK	c78b4d48-7871-492b-8064-650980c84d6c https://wstat.ru/	175 KB 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:https://wstat.ru/c78b4d48-7871-492b-8064-650980c84d6c Requested by Host: wstat.ru URL: https://wstat.ru/gms/?state=2 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash `bfefaf3fd316072283d1a9eed13a3071e2da767476c3de476568fd899fa25775` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Content-Length 179089

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.4fsfrxhj.info
wstat.ru
104.18.48.67
217.199.217.44
084aa86bd1aeee7950082a4b29341678cdcead3635c5efa577926ea4c3e29b77
70276f7d1dc60d579905f767e26a9e491933e78656be225d6d59626272def953
bfefaf3fd316072283d1a9eed13a3071e2da767476c3de476568fd899fa25775
f097ea17ddc2202f9dd368089cb3bf808e758223c489e83df6b271b2f9ce39f2
f45458f0b87457d357b473a5691560dfede1877e67d208e44c8fd4bea764164e

wstat.ru Open in urlscan Pro 217.199.217.44 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

12 Requests

17 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

119 kBTransfer

1916 kBSize

0 Cookies

0 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

0 Cookies

Indicators

wstat.ru Open in urlscan Pro
217.199.217.44 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

17 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

119 kB
Transfer

1916 kB
Size

0
Cookies

12 HTTP transactions
1 data transactions