monitoring.sapatelemed.kz Open in urlscan Pro
185.98.5.117 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://monitoring.sapatelemed.kz/
Submission Tags: phishingrod
Submission: On October 30 via api (October 30th 2023, 3:16:28 am UTC) from DE — Scanned from DE

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 9 HTTP transactions. The main IP is 185.98.5.117, located in Astana, Kazakhstan and belongs to HOSTER-AST Hoster.KZ - Astana, KZ. The main domain is monitoring.sapatelemed.kz.
TLS certificate: Issued by R3 on October 30th 2023. Valid for: 3 months.

This is the only time monitoring.sapatelemed.kz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	185.98.5.117 185.98.5.117	207333 (HOSTER-AS...) (HOSTER-AST Hoster.KZ - Astana)
4	2606:4700::68... 2606:4700::6812:909	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2

5 185.98.5.117 (Astana, Kazakhstan)

ASN207333 (HOSTER-AST Hoster.KZ - Astana, KZ)
PTR: pkz9.hoster.kz

monitoring.sapatelemed.kz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:909 (United States)

ASN13335 (CLOUDFLARENET, US)

code.highcharts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	sapatelemed.kz monitoring.sapatelemed.kz	390 KB
4	highcharts.com code.highcharts.com — Cisco Umbrella Rank: 14416	148 KB
9	2

	Domain	Requested by
5	monitoring.sapatelemed.kz	monitoring.sapatelemed.kz
4	code.highcharts.com	monitoring.sapatelemed.kz
9	2

This site contains no links.

Subject Issuer	Validity	Valid
monitoring.sapatelemed.kz R3	`2023-10-30` - `2024-01-28`	3 months	crt.sh
highcharts.com Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://monitoring.sapatelemed.kz/
Frame ID: 49CB4D23BF74E46AF7290EF3EB431E4E
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ТЕЛЕМЕДИЦИНА

Detected technologies

Highcharts (JavaScript Graphics) Expand

Overall confidence: 100%
Detected patterns

highcharts.*\.js

Page Statistics

9
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

539 kB
Transfer

2149 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response monitoring.sapatelemed.kz/	2 KB 816 B	1674ms 82ms	Document text/html	185.98.5.117 Astana
General Check archive.org Show headers Download Go to Full URL https://monitoring.sapatelemed.kz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.98.5.117 Astana, Kazakhstan, ASN207333 (HOSTER-AST Hoster.KZ - Astana, KZ), Reverse DNS pkz9.hoster.kz Software nginx / PleskLin Resource Hash `89ba761fc27abfb6d720c1cf7e92674b6273332842ab4db3b46462ae34a35407` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding br content-type text/html; charset=UTF-8 date Mon, 30 Oct 2023 03:16:23 GMT etag W/"651e8054-62b" last-modified Thu, 05 Oct 2023 09:22:28 GMT server nginx x-powered-by PleskLin
GET H2	200	index.6178d0bf.js Show response monitoring.sapatelemed.kz/assets/	232 KB 25 KB	170ms 169ms	Script application/javascript	185.98.5.117 Astana
General Check archive.org Show headers Download Go to Full URL https://monitoring.sapatelemed.kz/assets/index.6178d0bf.js Requested by Host: monitoring.sapatelemed.kz URL: https://monitoring.sapatelemed.kz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.98.5.117 Astana, Kazakhstan, ASN207333 (HOSTER-AST Hoster.KZ - Astana, KZ), Reverse DNS pkz9.hoster.kz Software nginx / PleskLin Resource Hash `b0d75e9c8efdfdc57d24168f87985e5ed37b4651400abf61ec01bfff41a61daa` Request headers Referer https://monitoring.sapatelemed.kz/ Origin https://monitoring.sapatelemed.kz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Mon, 30 Oct 2023 03:16:23 GMT content-encoding br last-modified Thu, 05 Oct 2023 09:20:30 GMT server nginx etag W/"651e7fde-3a02b" x-powered-by PleskLin content-type application/javascript
GET H2	200	vendor.04a829fa.js Show response monitoring.sapatelemed.kz/assets/	792 KB 186 KB	332ms 330ms	Script application/javascript	185.98.5.117 Astana
General Check archive.org Show headers Download Go to Full URL https://monitoring.sapatelemed.kz/assets/vendor.04a829fa.js Requested by Host: monitoring.sapatelemed.kz URL: https://monitoring.sapatelemed.kz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.98.5.117 Astana, Kazakhstan, ASN207333 (HOSTER-AST Hoster.KZ - Astana, KZ), Reverse DNS pkz9.hoster.kz Software nginx / PleskLin Resource Hash `cb356367489e34f5c17332c98ecebafd4c10eb7569e83dcc839e45f296945a23` Request headers Referer Origin https://monitoring.sapatelemed.kz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Mon, 30 Oct 2023 03:16:23 GMT content-encoding br last-modified Thu, 05 Oct 2023 09:21:29 GMT server nginx etag W/"651e8019-c609a" x-powered-by PleskLin content-type application/javascript
GET H2	200	index.f9287754.css monitoring.sapatelemed.kz/assets/	583 KB 74 KB	250ms 249ms	Stylesheet text/css	185.98.5.117 Astana
General Check archive.org Show headers Download Go to Full URL https://monitoring.sapatelemed.kz/assets/index.f9287754.css Requested by Host: monitoring.sapatelemed.kz URL: https://monitoring.sapatelemed.kz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.98.5.117 Astana, Kazakhstan, ASN207333 (HOSTER-AST Hoster.KZ - Astana, KZ), Reverse DNS pkz9.hoster.kz Software nginx / PleskLin Resource Hash `ecc4b5d76e199ad56719e43c2576bc32e345688291b69bdea6225b5890c5c0c0` Request headers accept-language de-DE,de;q=0.9 Referer https://monitoring.sapatelemed.kz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Mon, 30 Oct 2023 03:16:23 GMT content-encoding br last-modified Thu, 05 Oct 2023 09:20:59 GMT server nginx etag W/"651e7ffb-91cac" x-powered-by PleskLin content-type text/css
GET H2	200	highcharts.js Show response code.highcharts.com/	281 KB 100 KB	57ms 21ms	Script text/javascript	2606:4700::6812:909 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://code.highcharts.com/highcharts.js Requested by Host: monitoring.sapatelemed.kz URL: https://monitoring.sapatelemed.kz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:909 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0bf12ca4143e044d50f874054d1a2fec814d5ea03d7a5caed83d3fe211c4902f` Request headers accept-language de-DE,de;q=0.9 Referer https://monitoring.sapatelemed.kz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Mon, 30 Oct 2023 03:16:23 GMT content-encoding gzip cf-cache-status HIT x-amz-request-id 7YZZYY9730BWH3KS age 1796837 content-length 102032 x-amz-id-2 3ZmZu3vYOfrzYCNu91CIhiGmwS/aKl2qzdJQVk3rWVG/fNrDNijizX1oj6dMj2KTLvNlu64M9DQ= last-modified Mon, 05 Jun 2023 11:30:22 GMT server cloudflare etag "984fbd73fcdee426183f85ee117d4365" vary Accept-Encoding content-type text/javascript cache-control public, max-age=2678400 accept-ranges bytes cf-ray 81e07fcf7f85bbc2-FRA expires Thu, 30 Nov 2023 03:16:23 GMT
GET H2	200	exporting.js Show response code.highcharts.com/modules/	19 KB 7 KB	30ms 29ms	Script text/javascript	2606:4700::6812:909 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://code.highcharts.com/modules/exporting.js Requested by Host: monitoring.sapatelemed.kz URL: https://monitoring.sapatelemed.kz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:909 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `605ede526d903bb2b25985a513e26c172481fd7c7addb2076c599de6ba1f820e` Request headers accept-language de-DE,de;q=0.9 Referer https://monitoring.sapatelemed.kz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Mon, 30 Oct 2023 03:16:23 GMT content-encoding gzip cf-cache-status HIT x-amz-request-id 7YZR341ZW8ZFW1AG age 1796823 content-length 7358 x-amz-id-2 186Vqg0BC/s4SSk0qpjIG5j3uFtdM3NWjuDs3dc9jODllm/mjRNaX+dxhVv5heVrgRW9Jf9Mveo= last-modified Mon, 05 Jun 2023 11:30:22 GMT server cloudflare etag "1163d2b5a958f9e7629c69dd1fce83c8" vary Accept-Encoding content-type text/javascript cache-control public, max-age=2678400 accept-ranges bytes cf-ray 81e07fd17885bbc2-FRA expires Thu, 30 Nov 2023 03:16:23 GMT
GET H2	200	export-data.js Show response code.highcharts.com/modules/	14 KB 6 KB	18ms 18ms	Script text/javascript	2606:4700::6812:909 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://code.highcharts.com/modules/export-data.js Requested by Host: monitoring.sapatelemed.kz URL: https://monitoring.sapatelemed.kz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:909 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `aada71f546378041dcf764b24a38fd0ef90e3946a1f93c2fe0d2d4f7cb54fcd2` Request headers accept-language de-DE,de;q=0.9 Referer https://monitoring.sapatelemed.kz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Mon, 30 Oct 2023 03:16:23 GMT content-encoding gzip cf-cache-status HIT x-amz-request-id 7YZN6TQ6W5DK7CJ4 age 1796821 content-length 6012 x-amz-id-2 rHJIyC2ckbTyNUp/HYQS9NW7QbU4IGX6+rpb74hVPQL0KPCqsbgyAcB9fStnJDlVcgnq4dqKBbs= last-modified Mon, 05 Jun 2023 11:30:22 GMT server cloudflare etag "6d120b81f5f8cadfd78a92fb570ea93a" vary Accept-Encoding content-type text/javascript cache-control public, max-age=2678400 accept-ranges bytes cf-ray 81e07fd1a897bbc2-FRA expires Thu, 30 Nov 2023 03:16:23 GMT
GET H2	200	accessibility.js Show response code.highcharts.com/modules/	121 KB 35 KB	23ms 23ms	Script text/javascript	2606:4700::6812:909 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://code.highcharts.com/modules/accessibility.js Requested by Host: monitoring.sapatelemed.kz URL: https://monitoring.sapatelemed.kz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:909 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1139af09e45c66d0c7b8a2c6f8d575d688628b96e2afc67cf8175dc5fb255a92` Request headers accept-language de-DE,de;q=0.9 Referer https://monitoring.sapatelemed.kz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Mon, 30 Oct 2023 03:16:23 GMT content-encoding gzip cf-cache-status HIT x-amz-request-id WT4DNC0ARBZBE5X4 age 1796821 content-length 35330 x-amz-id-2 oaTyasoyHll9eZm94GnCosA7cmaLnKaurxRh+osc0ucv3d7tP1Sllibk2V6BJa/euJ0WYxqGIis= last-modified Mon, 05 Jun 2023 11:30:22 GMT server cloudflare etag "7755168b7fbc60f23b56d3e4cd600a44" vary Accept-Encoding content-type text/javascript cache-control public, max-age=2678400 accept-ranges bytes cf-ray 81e07fd1d8a5bbc2-FRA expires Thu, 30 Nov 2023 03:16:23 GMT
GET H2	200	Framework7Icons-Regular.a42aa071.woff2 monitoring.sapatelemed.kz/assets/	105 KB 105 KB	84ms 84ms	Font font/woff2	185.98.5.117 Astana
General Check archive.org Show headers Download Go to Full URL https://monitoring.sapatelemed.kz/assets/Framework7Icons-Regular.a42aa071.woff2 Requested by Host: monitoring.sapatelemed.kz URL: https://monitoring.sapatelemed.kz/assets/index.f9287754.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.98.5.117 Astana, Kazakhstan, ASN207333 (HOSTER-AST Hoster.KZ - Astana, KZ), Reverse DNS pkz9.hoster.kz Software nginx / PleskLin Resource Hash `a42aa071915d1b8f135ee790f6dae197b115f39f858e19da41a5a9eca3efd6f4` Request headers Referer https://monitoring.sapatelemed.kz/assets/index.f9287754.css Origin https://monitoring.sapatelemed.kz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Mon, 30 Oct 2023 03:16:24 GMT content-encoding gzip last-modified Thu, 05 Oct 2023 09:21:31 GMT server nginx etag W/"651e801b-1a398" x-powered-by PleskLin content-type font/woff2

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.highcharts.com/	1969-12-31 23:59:59	Name: _cfuvid Value: oODC1WpCM8H9dI6lKR1N_zZexTCffEAIHxiefqwD4FY-1698635783609-0-604800000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.highcharts.com
monitoring.sapatelemed.kz
185.98.5.117
2606:4700::6812:909
0bf12ca4143e044d50f874054d1a2fec814d5ea03d7a5caed83d3fe211c4902f
1139af09e45c66d0c7b8a2c6f8d575d688628b96e2afc67cf8175dc5fb255a92
605ede526d903bb2b25985a513e26c172481fd7c7addb2076c599de6ba1f820e
89ba761fc27abfb6d720c1cf7e92674b6273332842ab4db3b46462ae34a35407
a42aa071915d1b8f135ee790f6dae197b115f39f858e19da41a5a9eca3efd6f4
aada71f546378041dcf764b24a38fd0ef90e3946a1f93c2fe0d2d4f7cb54fcd2
b0d75e9c8efdfdc57d24168f87985e5ed37b4651400abf61ec01bfff41a61daa
cb356367489e34f5c17332c98ecebafd4c10eb7569e83dcc839e45f296945a23
ecc4b5d76e199ad56719e43c2576bc32e345688291b69bdea6225b5890c5c0c0

monitoring.sapatelemed.kz Open in urlscan Pro 185.98.5.117 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

539 kBTransfer

2149 kBSize

1 Cookies

0 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

1 Cookies

Indicators

monitoring.sapatelemed.kz Open in urlscan Pro
185.98.5.117 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

539 kB
Transfer

2149 kB
Size

1
Cookies

9 HTTP transactions
0 data transactions