monitoring.sapatelemed.kz Open in urlscan Pro
185.98.5.117 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://monitoring.sapatelemed.kz/
Submission Tags: phishingrod
Submission: On May 03 via api (May 3rd 2023, 3:15:50 am UTC) from DE — Scanned from DE

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 9 HTTP transactions. The main IP is 185.98.5.117, located in Kazakhstan and belongs to HOSTER-AST Hoster.KZ - Astana, KZ. The main domain is monitoring.sapatelemed.kz.
TLS certificate: Issued by R3 on March 4th 2023. Valid for: 3 months.

This is the only time monitoring.sapatelemed.kz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	185.98.5.117 185.98.5.117	207333 (HOSTER-AS...) (HOSTER-AST Hoster.KZ - Astana)
4	2606:4700::68... 2606:4700::6812:809	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2

5 185.98.5.117 (Kazakhstan)

ASN207333 (HOSTER-AST Hoster.KZ - Astana, KZ)
PTR: pkz9.hoster.kz

monitoring.sapatelemed.kz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:809 (United States)

ASN13335 (CLOUDFLARENET, US)

code.highcharts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	sapatelemed.kz monitoring.sapatelemed.kz	384 KB
4	highcharts.com code.highcharts.com — Cisco Umbrella Rank: 17799	147 KB
9	2

	Domain	Requested by
5	monitoring.sapatelemed.kz	monitoring.sapatelemed.kz
4	code.highcharts.com	monitoring.sapatelemed.kz
9	2

This site contains no links.

Subject Issuer	Validity	Valid
monitoring.sapatelemed.kz R3	`2023-03-04` - `2023-06-02`	3 months	crt.sh
highcharts.com Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://monitoring.sapatelemed.kz/
Frame ID: 2DEFBB690CF16452B531D8BD7A115DAC
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ТЕЛЕМЕДИЦИНА

Detected technologies

Highcharts (JavaScript Graphics) Expand

Overall confidence: 100%
Detected patterns

highcharts.*\.js

Page Statistics

9
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

531 kB
Transfer

2063 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response monitoring.sapatelemed.kz/	2 KB 816 B	414ms 83ms	Document text/html	185.98.5.117 Astana
General Check archive.org Show headers Download Go to Full URL https://monitoring.sapatelemed.kz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.98.5.117 , Kazakhstan, ASN207333 (HOSTER-AST Hoster.KZ - Astana, KZ), Reverse DNS pkz9.hoster.kz Software nginx / PleskLin Resource Hash `2e9079d4f3abd136010cc570d31280f984d360c5c33af0725902ac73ded0af0c` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding br content-type text/html; charset=UTF-8 date Wed, 03 May 2023 03:15:45 GMT etag W/"643639b6-62b" last-modified Wed, 12 Apr 2023 04:55:18 GMT server nginx x-powered-by PleskLin
GET H2	200	index.9e740cb0.js Show response monitoring.sapatelemed.kz/assets/	150 KB 19 KB	197ms 196ms	Script application/javascript	185.98.5.117 Astana
General Check archive.org Show headers Download Go to Full URL https://monitoring.sapatelemed.kz/assets/index.9e740cb0.js Requested by Host: monitoring.sapatelemed.kz URL: https://monitoring.sapatelemed.kz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.98.5.117 , Kazakhstan, ASN207333 (HOSTER-AST Hoster.KZ - Astana, KZ), Reverse DNS pkz9.hoster.kz Software nginx / PleskLin Resource Hash `20ef3589d67bdb8ffb2821ad7478fedff2da1f347c594cefc9106603946a512e` Request headers Referer https://monitoring.sapatelemed.kz/ Origin https://monitoring.sapatelemed.kz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Wed, 03 May 2023 03:15:45 GMT content-encoding br last-modified Wed, 12 Apr 2023 04:55:14 GMT server nginx etag W/"643639b2-25676" x-powered-by PleskLin content-type application/javascript
GET H2	200	vendor.04a829fa.js Show response monitoring.sapatelemed.kz/assets/	792 KB 186 KB	198ms 197ms	Script application/javascript	185.98.5.117 Astana
General Check archive.org Show headers Download Go to Full URL https://monitoring.sapatelemed.kz/assets/vendor.04a829fa.js Requested by Host: monitoring.sapatelemed.kz URL: https://monitoring.sapatelemed.kz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.98.5.117 , Kazakhstan, ASN207333 (HOSTER-AST Hoster.KZ - Astana, KZ), Reverse DNS pkz9.hoster.kz Software nginx / PleskLin Resource Hash `cb356367489e34f5c17332c98ecebafd4c10eb7569e83dcc839e45f296945a23` Request headers Referer Origin https://monitoring.sapatelemed.kz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Wed, 03 May 2023 03:15:45 GMT content-encoding br last-modified Wed, 12 Apr 2023 04:55:13 GMT server nginx etag W/"643639b1-c609a" x-powered-by PleskLin content-type application/javascript
GET H2	200	index.26990675.css monitoring.sapatelemed.kz/assets/	581 KB 73 KB	390ms 389ms	Stylesheet text/css	185.98.5.117 Astana
General Check archive.org Show headers Download Go to Full URL https://monitoring.sapatelemed.kz/assets/index.26990675.css Requested by Host: monitoring.sapatelemed.kz URL: https://monitoring.sapatelemed.kz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.98.5.117 , Kazakhstan, ASN207333 (HOSTER-AST Hoster.KZ - Astana, KZ), Reverse DNS pkz9.hoster.kz Software nginx / PleskLin Resource Hash `2990f45a19d446a29b81e30059ba725dbdde365ceb335d3706c6c6e3e9c36852` Request headers accept-language de-DE,de;q=0.9 Referer https://monitoring.sapatelemed.kz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Wed, 03 May 2023 03:15:45 GMT content-encoding br last-modified Wed, 12 Apr 2023 04:55:15 GMT server nginx etag W/"643639b3-91408" x-powered-by PleskLin content-type text/css
GET H2	200	highcharts.js Show response code.highcharts.com/	280 KB 99 KB	46ms 20ms	Script text/javascript	2606:4700::6812:809 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://code.highcharts.com/highcharts.js Requested by Host: monitoring.sapatelemed.kz URL: https://monitoring.sapatelemed.kz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:809 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `fe90a2cfb37123e2b4105f9302fc398a2a8f9d8534af1184beb560314526da21` Request headers accept-language de-DE,de;q=0.9 Referer https://monitoring.sapatelemed.kz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Wed, 03 May 2023 03:15:45 GMT content-encoding gzip cf-cache-status HIT x-amz-request-id ZBJSSSJKAN6013QT age 404806 content-length 100984 x-amz-id-2 zmgm4rmHGFrACY09CE08vNR2sDILX/Ed9l4yOt2nojc7qmKRnjAnC4IPjB6EnEOEdDTE+pJf04A= last-modified Wed, 26 Apr 2023 05:47:11 GMT server cloudflare etag "f27ace18e04bdd48eb11325112f92fd5" vary Accept-Encoding content-type text/javascript cache-control public, max-age=86400 accept-ranges bytes cf-ray 7c1557607dc81c60-FRA expires Thu, 04 May 2023 03:15:45 GMT
GET H2	200	exporting.js Show response code.highcharts.com/modules/	19 KB 7 KB	21ms 20ms	Script text/javascript	2606:4700::6812:809 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://code.highcharts.com/modules/exporting.js Requested by Host: monitoring.sapatelemed.kz URL: https://monitoring.sapatelemed.kz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:809 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6207570696a450c9de01d2b8bd8081f2a6bb68d8df457e0dff04cbb0de8ae10b` Request headers accept-language de-DE,de;q=0.9 Referer https://monitoring.sapatelemed.kz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Wed, 03 May 2023 03:15:45 GMT content-encoding gzip cf-cache-status HIT x-amz-request-id VY0JF4F8CC4K617F age 595329 content-length 7360 x-amz-id-2 jaBr29WsYb50ZvnHp3n34gUGiofDrm+I3sIBSiP1aTQ2N7efiiUC7rY4VNhdG/j/OjrwJSx9ywU= last-modified Wed, 26 Apr 2023 05:47:11 GMT server cloudflare etag "35135cf30a684b6335bba2d0a95f336b" vary Accept-Encoding content-type text/javascript cache-control public, max-age=86400 accept-ranges bytes cf-ray 7c155762ef591c60-FRA expires Thu, 04 May 2023 03:15:45 GMT
GET H2	200	export-data.js Show response code.highcharts.com/modules/	14 KB 6 KB	18ms 18ms	Script text/javascript	2606:4700::6812:809 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://code.highcharts.com/modules/export-data.js Requested by Host: monitoring.sapatelemed.kz URL: https://monitoring.sapatelemed.kz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:809 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `60d69747c3145fe8b93585d622540a12b7bbf729742eb2153927b93aedd956c5` Request headers accept-language de-DE,de;q=0.9 Referer https://monitoring.sapatelemed.kz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Wed, 03 May 2023 03:15:45 GMT content-encoding gzip cf-cache-status HIT x-amz-request-id VY0MESZ114E46K62 age 595320 content-length 6011 x-amz-id-2 69pAmy8sY6XSuLQZE6GZldHCbLmd4RWsIps0tW3TQrrh/KbVpJ6e0lt87I6SrilaOAWZb6Utt3s= last-modified Wed, 26 Apr 2023 05:47:11 GMT server cloudflare etag "26b004ab551b0d7f037f440fb0501ede" vary Accept-Encoding content-type text/javascript cache-control public, max-age=86400 accept-ranges bytes cf-ray 7c1557634f871c60-FRA expires Thu, 04 May 2023 03:15:45 GMT
GET H2	200	accessibility.js Show response code.highcharts.com/modules/	120 KB 35 KB	19ms 19ms	Script text/javascript	2606:4700::6812:809 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://code.highcharts.com/modules/accessibility.js Requested by Host: monitoring.sapatelemed.kz URL: https://monitoring.sapatelemed.kz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:809 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `fbf49812676ec78981fed34f084cbab36081effb4815f4ad699d9843a9ded0c8` Request headers accept-language de-DE,de;q=0.9 Referer https://monitoring.sapatelemed.kz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Wed, 03 May 2023 03:15:45 GMT content-encoding gzip cf-cache-status HIT x-amz-request-id VY0Z6XQVJ3HB6X9W age 595295 content-length 35211 x-amz-id-2 aPHnaZe3bwv20qRSvH/8B8xJi/udr/aBTLFkslxg1HvzqVxYa2MANmJO6zJ60zDfbRGXmJIByfA= last-modified Wed, 26 Apr 2023 05:47:10 GMT server cloudflare etag "7f4a1bda8bcfedfaf45c6beadb4b96f6" vary Accept-Encoding content-type text/javascript cache-control public, max-age=86400 accept-ranges bytes cf-ray 7c1557636f9d1c60-FRA expires Thu, 04 May 2023 03:15:45 GMT
GET H2	200	Framework7Icons-Regular.a42aa071.woff2 monitoring.sapatelemed.kz/assets/	105 KB 105 KB	84ms 84ms	Font font/woff2	185.98.5.117 Astana
General Check archive.org Show headers Download Go to Full URL https://monitoring.sapatelemed.kz/assets/Framework7Icons-Regular.a42aa071.woff2 Requested by Host: monitoring.sapatelemed.kz URL: https://monitoring.sapatelemed.kz/assets/index.26990675.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.98.5.117 , Kazakhstan, ASN207333 (HOSTER-AST Hoster.KZ - Astana, KZ), Reverse DNS pkz9.hoster.kz Software nginx / PleskLin Resource Hash `a42aa071915d1b8f135ee790f6dae197b115f39f858e19da41a5a9eca3efd6f4` Request headers Referer https://monitoring.sapatelemed.kz/assets/index.26990675.css Origin https://monitoring.sapatelemed.kz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Wed, 03 May 2023 03:15:46 GMT content-encoding gzip last-modified Wed, 12 Apr 2023 04:55:13 GMT server nginx etag W/"643639b1-1a398" x-powered-by PleskLin content-type font/woff2

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.highcharts.com/	1969-12-31 23:59:59	Name: _cfuvid Value: YatHZp7KTpDJGsOWSoujmAjpbAsTYJqbUJERS0XA.LI-1683083745371-0-604800000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.highcharts.com
monitoring.sapatelemed.kz
185.98.5.117
2606:4700::6812:809
20ef3589d67bdb8ffb2821ad7478fedff2da1f347c594cefc9106603946a512e
2990f45a19d446a29b81e30059ba725dbdde365ceb335d3706c6c6e3e9c36852
2e9079d4f3abd136010cc570d31280f984d360c5c33af0725902ac73ded0af0c
60d69747c3145fe8b93585d622540a12b7bbf729742eb2153927b93aedd956c5
6207570696a450c9de01d2b8bd8081f2a6bb68d8df457e0dff04cbb0de8ae10b
a42aa071915d1b8f135ee790f6dae197b115f39f858e19da41a5a9eca3efd6f4
cb356367489e34f5c17332c98ecebafd4c10eb7569e83dcc839e45f296945a23
fbf49812676ec78981fed34f084cbab36081effb4815f4ad699d9843a9ded0c8
fe90a2cfb37123e2b4105f9302fc398a2a8f9d8534af1184beb560314526da21

monitoring.sapatelemed.kz Open in urlscan Pro 185.98.5.117 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

531 kBTransfer

2063 kBSize

1 Cookies

0 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

1 Cookies

Indicators

monitoring.sapatelemed.kz Open in urlscan Pro
185.98.5.117 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

531 kB
Transfer

2063 kB
Size

1
Cookies

9 HTTP transactions
0 data transactions