covid.ardi.ge Open in urlscan Pro
213.131.38.13 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://covid.ardi.ge/
Submission: On September 20 via automatic, source certstream-suspicious (September 20th 2020, 8:40:39 pm UTC)

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 11 HTTP transactions. The main IP is 213.131.38.13, located in Tbilisi, Georgia and belongs to SILKNET, GE. The main domain is covid.ardi.ge.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 20th 2020. Valid for: 3 months.

This is the only time covid.ardi.ge was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
9	213.131.38.13 213.131.38.13		15491 (SILKNET) (SILKNET)
11	2

9 213.131.38.13 (Tbilisi, Georgia)

ASN15491 (SILKNET, GE)
PTR: ge-tbs-isani-cb-feth2-54.wanex.net

covid.ardi.ge	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	ardi.ge covid.ardi.ge	1020 KB
11	1

	Domain	Requested by
9	covid.ardi.ge	covid.ardi.ge
11	1

This site contains no links.

Subject Issuer	Validity	Valid
covid.ardi.ge Let's Encrypt Authority X3	`2020-09-20` - `2020-12-19`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://covid.ardi.ge/
Frame ID: 2186F215382E7650096CA7167B181BA5
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

11
Requests

82 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

1020 kB
Transfer

1035 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response covid.ardi.ge/	836 B 984 B	594ms 116ms	Document text/html	213.131.38.13 SILKNET
General Check archive.org Show headers Download Go to Full URL https://covid.ardi.ge/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 213.131.38.13 Tbilisi, Georgia, ASN15491 (SILKNET, GE), Reverse DNS ge-tbs-isani-cb-feth2-54.wanex.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `65a5490ae11cd23d1a86d425b3f966a36c296be88cbc667abff2e9399aeb8521` Request headers :method GET :authority covid.ardi.ge :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 content-type text/html last-modified Fri, 18 Sep 2020 12:12:49 GMT accept-ranges bytes etag "1d68db50666b5c4" server Microsoft-IIS/10.0 x-powered-by ASP.NET date Sun, 20 Sep 2020 20:39:48 GMT content-length 836
GET H2	200	app.15b99565.css covid.ardi.ge/css/	7 KB 7 KB	284ms 280ms	Stylesheet text/css	213.131.38.13 SILKNET
General Check archive.org Show headers Download Go to Full URL https://covid.ardi.ge/css/app.15b99565.css Requested by Host: covid.ardi.ge URL: https://covid.ardi.ge/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 213.131.38.13 Tbilisi, Georgia, ASN15491 (SILKNET, GE), Reverse DNS ge-tbs-isani-cb-feth2-54.wanex.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `3535fbebcf9c91cbb3b237b081700b8ae4eca84185b66d4a055091a09a8e1821` Request headers Referer https://covid.ardi.ge/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 20 Sep 2020 20:39:48 GMT last-modified Fri, 18 Sep 2020 12:12:49 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET etag "1d68db50666aceb" content-type text/css status 200 accept-ranges bytes content-length 6763
GET H2	200	chunk-vendors.21725d49.css covid.ardi.ge/css/	218 KB 218 KB	159ms 156ms	Stylesheet text/css	213.131.38.13 SILKNET
General Check archive.org Show headers Download Go to Full URL https://covid.ardi.ge/css/chunk-vendors.21725d49.css Requested by Host: covid.ardi.ge URL: https://covid.ardi.ge/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 213.131.38.13 Tbilisi, Georgia, ASN15491 (SILKNET, GE), Reverse DNS ge-tbs-isani-cb-feth2-54.wanex.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `7f01c7d59ffcf3d235a88c74e1939bcd8c858fa1fc834a128c24f6a8786ca245` Request headers Referer https://covid.ardi.ge/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 20 Sep 2020 20:39:48 GMT last-modified Fri, 18 Sep 2020 12:12:49 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET etag "1d68db50665df92" content-type text/css status 200 accept-ranges bytes content-length 223506
GET H2	200	app.90604dad.js Show response covid.ardi.ge/js/	15 KB 15 KB	209ms 206ms	Script application/javascript	213.131.38.13 SILKNET
General Check archive.org Show headers Download Go to Full URL https://covid.ardi.ge/js/app.90604dad.js Requested by Host: covid.ardi.ge URL: https://covid.ardi.ge/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 213.131.38.13 Tbilisi, Georgia, ASN15491 (SILKNET, GE), Reverse DNS ge-tbs-isani-cb-feth2-54.wanex.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `e55fab2bc0a20f1023917b8d22a78bb4682c0f81adb2586b84b28f100c8553d2` Request headers Referer https://covid.ardi.ge/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 20 Sep 2020 20:39:48 GMT last-modified Fri, 18 Sep 2020 12:12:49 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET etag "1d68db506668a9d" content-type application/javascript status 200 accept-ranges bytes content-length 15389
GET H2	200	chunk-vendors.8e6c7b4d.js Show response covid.ardi.ge/js/	756 KB 757 KB	215ms 213ms	Script application/javascript	213.131.38.13 SILKNET
General Check archive.org Show headers Download Go to Full URL https://covid.ardi.ge/js/chunk-vendors.8e6c7b4d.js Requested by Host: covid.ardi.ge URL: https://covid.ardi.ge/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 213.131.38.13 Tbilisi, Georgia, ASN15491 (SILKNET, GE), Reverse DNS ge-tbs-isani-cb-feth2-54.wanex.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `c6cd5b4f4fdabddcc71381d4eb3f65bd4c2fa825dc5ddbe9f8d7b6eef84a840d` Request headers Referer https://covid.ardi.ge/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 20 Sep 2020 20:39:48 GMT last-modified Fri, 18 Sep 2020 12:12:49 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET etag "1d68db5066d677d" content-type application/javascript status 200 accept-ranges bytes content-length 774653
GET H2	200	logo.30e6c12e.svg covid.ardi.ge/img/	2 KB 2 KB	148ms 148ms	Image image/svg+xml	213.131.38.13 SILKNET
General Check archive.org Show headers Download Go to Show image Full URL https://covid.ardi.ge/img/logo.30e6c12e.svg Requested by Host: covid.ardi.ge URL: https://covid.ardi.ge/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 213.131.38.13 Tbilisi, Georgia, ASN15491 (SILKNET, GE), Reverse DNS ge-tbs-isani-cb-feth2-54.wanex.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `c3630e1783c044692e8cf9fd41c736848b9cbbae4da1d2614e79e0893398f8c9` Request headers Referer https://covid.ardi.ge/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 20 Sep 2020 20:39:49 GMT last-modified Fri, 18 Sep 2020 12:12:49 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET etag "1d68db50666bf8c" content-type image/svg+xml status 200 accept-ranges bytes content-length 2316
GET		GetBranches covid.ardi.ge/booking/	0 0

GET H2	200	header.469ca0b6.svg covid.ardi.ge/img/	5 KB 5 KB	151ms 151ms	Image image/svg+xml	213.131.38.13 SILKNET
General Check archive.org Show headers Download Go to Show image Full URL https://covid.ardi.ge/img/header.469ca0b6.svg Requested by Host: covid.ardi.ge URL: https://covid.ardi.ge/css/app.15b99565.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 213.131.38.13 Tbilisi, Georgia, ASN15491 (SILKNET, GE), Reverse DNS ge-tbs-isani-cb-feth2-54.wanex.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `c1eced34ff328124d7e08d635a86f6a802341f2d74fe6e5339ac6ebf7bca0ffe` Request headers Referer https://covid.ardi.ge/css/app.15b99565.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 20 Sep 2020 20:39:49 GMT last-modified Fri, 18 Sep 2020 12:12:49 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET etag "1d68db50666a549" content-type image/svg+xml status 200 accept-ranges bytes content-length 5065
GET		NotoSerifGeorgian-Bold.1a7355f5.woff covid.ardi.ge/fonts/	0 0

GET H2	200	FiraGO-Regular.01e58f9e.woff covid.ardi.ge/fonts/	16 KB 0	159ms 158ms	Font application/font-woff	213.131.38.13 SILKNET
General Check archive.org Show headers Download Go to Full URL https://covid.ardi.ge/fonts/FiraGO-Regular.01e58f9e.woff Requested by Host: covid.ardi.ge URL: https://covid.ardi.ge/css/app.15b99565.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 213.131.38.13 Tbilisi, Georgia, ASN15491 (SILKNET, GE), Reverse DNS ge-tbs-isani-cb-feth2-54.wanex.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash Request headers Origin https://covid.ardi.ge Referer https://covid.ardi.ge/css/app.15b99565.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 20 Sep 2020 20:39:49 GMT last-modified Fri, 18 Sep 2020 12:12:49 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET etag "1d68db50663a2bc" content-type application/font-woff status 200 accept-ranges bytes content-length 332860
GET H2	200	NotoSansGeorgian-Bold.ef729575.woff covid.ardi.ge/fonts/	15 KB 15 KB	154ms 154ms	Font application/font-woff	213.131.38.13 SILKNET
General Check archive.org Show headers Download Go to Full URL https://covid.ardi.ge/fonts/NotoSansGeorgian-Bold.ef729575.woff Requested by Host: covid.ardi.ge URL: https://covid.ardi.ge/css/app.15b99565.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 213.131.38.13 Tbilisi, Georgia, ASN15491 (SILKNET, GE), Reverse DNS ge-tbs-isani-cb-feth2-54.wanex.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `ae7b3f184de7c0319b6eeeb5181bd1d82b177138d78cdad5a72eac58e371df1b` Request headers Origin https://covid.ardi.ge Referer https://covid.ardi.ge/css/app.15b99565.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 20 Sep 2020 20:39:49 GMT last-modified Fri, 18 Sep 2020 12:12:49 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET etag "1d68db506668c70" content-type application/font-woff status 200 accept-ranges bytes content-length 15088

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: covid.ardi.ge
URL: https://covid.ardi.ge/booking/GetBranches

Domain: covid.ardi.ge
URL: https://covid.ardi.ge/fonts/NotoSerifGeorgian-Bold.1a7355f5.woff

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

covid.ardi.ge
covid.ardi.ge
213.131.38.13
3535fbebcf9c91cbb3b237b081700b8ae4eca84185b66d4a055091a09a8e1821
65a5490ae11cd23d1a86d425b3f966a36c296be88cbc667abff2e9399aeb8521
7f01c7d59ffcf3d235a88c74e1939bcd8c858fa1fc834a128c24f6a8786ca245
ae7b3f184de7c0319b6eeeb5181bd1d82b177138d78cdad5a72eac58e371df1b
c1eced34ff328124d7e08d635a86f6a802341f2d74fe6e5339ac6ebf7bca0ffe
c3630e1783c044692e8cf9fd41c736848b9cbbae4da1d2614e79e0893398f8c9
c6cd5b4f4fdabddcc71381d4eb3f65bd4c2fa825dc5ddbe9f8d7b6eef84a840d
e55fab2bc0a20f1023917b8d22a78bb4682c0f81adb2586b84b28f100c8553d2

covid.ardi.ge Open in urlscan Pro 213.131.38.13 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

11 Requests

82 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

1020 kBTransfer

1035 kBSize

0 Cookies

0 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

Indicators

covid.ardi.ge Open in urlscan Pro
213.131.38.13 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

82 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

1020 kB
Transfer

1035 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions