monitoring.sapatelemed.kz Open in urlscan Pro
185.98.5.117 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://monitoring.sapatelemed.kz/
Submission Tags: phishingrod
Submission: On December 29 via api (December 29th 2023, 3:16:21 am UTC) from DE — Scanned from DE

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 9 HTTP transactions. The main IP is 185.98.5.117, located in Astana, Kazakhstan and belongs to HOSTER-AST Hoster.KZ - Astana, KZ. The main domain is monitoring.sapatelemed.kz.
TLS certificate: Issued by R3 on December 29th 2023. Valid for: 3 months.

This is the only time monitoring.sapatelemed.kz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	185.98.5.117 185.98.5.117	207333 (HOSTER-AS...) (HOSTER-AST Hoster.KZ - Astana)
4	2606:4700::68... 2606:4700::6812:809	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2

5 185.98.5.117 (Astana, Kazakhstan)

ASN207333 (HOSTER-AST Hoster.KZ - Astana, KZ)
PTR: pkz9.hoster.kz

monitoring.sapatelemed.kz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:809 (United States)

ASN13335 (CLOUDFLARENET, US)

code.highcharts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	sapatelemed.kz monitoring.sapatelemed.kz	469 KB
4	highcharts.com code.highcharts.com — Cisco Umbrella Rank: 14675	154 KB
9	2

	Domain	Requested by
5	monitoring.sapatelemed.kz	monitoring.sapatelemed.kz
4	code.highcharts.com	monitoring.sapatelemed.kz
9	2

This site contains no links.

Subject Issuer	Validity	Valid
monitoring.sapatelemed.kz R3	`2023-12-29` - `2024-03-28`	3 months	crt.sh
highcharts.com Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://monitoring.sapatelemed.kz/
Frame ID: B1BCF1E7977D563BD729C044C057580A
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ТЕЛЕМЕДИЦИНА

Detected technologies

Highcharts (JavaScript Graphics) Expand

Overall confidence: 100%
Detected patterns

highcharts.*\.js

Page Statistics

9
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

623 kB
Transfer

2550 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response monitoring.sapatelemed.kz/	2 KB 816 B	6470ms 105ms	Document text/html	185.98.5.117 Astana
General Check archive.org Show headers Download Go to Full URL https://monitoring.sapatelemed.kz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.98.5.117 Astana, Kazakhstan, ASN207333 (HOSTER-AST Hoster.KZ - Astana, KZ), Reverse DNS pkz9.hoster.kz Software nginx / PleskLin Resource Hash `d379f0d766d7069541d2154e6992fffcd2a9e1a5b5feed286d846dbb3ddd9103` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding br content-type text/html; charset=UTF-8 date Fri, 29 Dec 2023 03:16:16 GMT etag W/"65784c25-62b" last-modified Tue, 12 Dec 2023 12:03:49 GMT server nginx x-powered-by PleskLin
GET H2	200	index.971033a4.js Show response monitoring.sapatelemed.kz/assets/	239 KB 27 KB	455ms 455ms	Script application/javascript	185.98.5.117 Astana
General Check archive.org Show headers Download Go to Full URL https://monitoring.sapatelemed.kz/assets/index.971033a4.js Requested by Host: monitoring.sapatelemed.kz URL: https://monitoring.sapatelemed.kz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.98.5.117 Astana, Kazakhstan, ASN207333 (HOSTER-AST Hoster.KZ - Astana, KZ), Reverse DNS pkz9.hoster.kz Software nginx / PleskLin Resource Hash `90d288aeab6af4756317df4491fc341a639b9a0334b2fb50dd73c3607f3ddb96` Request headers Referer https://monitoring.sapatelemed.kz/ Origin https://monitoring.sapatelemed.kz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 29 Dec 2023 03:16:16 GMT content-encoding br last-modified Tue, 12 Dec 2023 12:03:47 GMT server nginx etag W/"65784c23-3ba0e" x-powered-by PleskLin content-type application/javascript
GET H2	200	vendor.264b1d16.js Show response monitoring.sapatelemed.kz/assets/	1 MB 262 KB	247ms 246ms	Script application/javascript	185.98.5.117 Astana
General Check archive.org Show headers Download Go to Full URL https://monitoring.sapatelemed.kz/assets/vendor.264b1d16.js Requested by Host: monitoring.sapatelemed.kz URL: https://monitoring.sapatelemed.kz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.98.5.117 Astana, Kazakhstan, ASN207333 (HOSTER-AST Hoster.KZ - Astana, KZ), Reverse DNS pkz9.hoster.kz Software nginx / PleskLin Resource Hash `626129cca460cca5fd85c288beab60bc7fdc911e33d5bfdb81519975d6e04dfb` Request headers Referer Origin https://monitoring.sapatelemed.kz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 29 Dec 2023 03:16:16 GMT content-encoding br last-modified Tue, 12 Dec 2023 12:03:49 GMT server nginx etag W/"65784c25-120e4b" x-powered-by PleskLin content-type application/javascript
GET H2	200	index.1a9e3084.css monitoring.sapatelemed.kz/assets/	586 KB 74 KB	455ms 455ms	Stylesheet text/css	185.98.5.117 Astana
General Check archive.org Show headers Download Go to Full URL https://monitoring.sapatelemed.kz/assets/index.1a9e3084.css Requested by Host: monitoring.sapatelemed.kz URL: https://monitoring.sapatelemed.kz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.98.5.117 Astana, Kazakhstan, ASN207333 (HOSTER-AST Hoster.KZ - Astana, KZ), Reverse DNS pkz9.hoster.kz Software nginx / PleskLin Resource Hash `9ac7e3a41d0eb3cc5754f375723ca44512e503f004149ab1fc5e7fa3b6f60847` Request headers accept-language de-DE,de;q=0.9 Referer https://monitoring.sapatelemed.kz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 29 Dec 2023 03:16:16 GMT content-encoding br last-modified Tue, 12 Dec 2023 12:03:48 GMT server nginx etag W/"65784c24-92818" x-powered-by PleskLin content-type text/css
GET H2	200	highcharts.js Show response code.highcharts.com/	277 KB 97 KB	165ms 65ms	Script text/javascript	2606:4700::6812:809 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://code.highcharts.com/highcharts.js Requested by Host: monitoring.sapatelemed.kz URL: https://monitoring.sapatelemed.kz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:809 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2198e22afd8cfdb68859898ad4cb2a79f798cdd84256d70e13b027881bcfe46c` Request headers accept-language de-DE,de;q=0.9 Referer https://monitoring.sapatelemed.kz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 29 Dec 2023 03:16:16 GMT content-encoding gzip cf-cache-status HIT x-amz-request-id RPWMFFHHBJCHRJP8 age 5343 content-length 98735 x-amz-id-2 ZsimSNlCNfiqNrp6/GCPIAfCRx1i1YjreV2FL14ITbcP3hAjMFsYCkeRvyOaEjGmGC5PBG75pWY= last-modified Mon, 30 Oct 2023 13:54:46 GMT server cloudflare etag "4196e5e28800241d529a81eda20b860d" vary Accept-Encoding content-type text/javascript; charset=utf-8 cache-control public, max-age=2678400 accept-ranges bytes cf-ray 83cee2239d752bd3-FRA expires Mon, 29 Jan 2024 03:16:16 GMT
GET H2	200	exporting.js Show response code.highcharts.com/modules/	19 KB 7 KB	55ms 54ms	Script text/javascript	2606:4700::6812:809 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://code.highcharts.com/modules/exporting.js Requested by Host: monitoring.sapatelemed.kz URL: https://monitoring.sapatelemed.kz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:809 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7b59c7943a0e2b9393f00a853ae5efeef26bdff06c6b77979b1b29db6b73c36c` Request headers accept-language de-DE,de;q=0.9 Referer https://monitoring.sapatelemed.kz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 29 Dec 2023 03:16:17 GMT content-encoding gzip cf-cache-status HIT x-amz-request-id XP0RQVVVFP3TH4MP age 2505096 content-length 7234 x-amz-id-2 LyBcA3Qr6VaajxYMlL16VoAoIdXCaQcf/LKRnuWQ27Pkdo5VhpRyaoidDqEsjWFbBNQ1m53unSo= last-modified Mon, 30 Oct 2023 13:54:46 GMT server cloudflare etag "9ee6867675e2b3f05aecb160c914cf12" vary Accept-Encoding content-type text/javascript; charset=utf-8 cache-control public, max-age=2678400 accept-ranges bytes cf-ray 83cee2268ede2bd3-FRA expires Mon, 29 Jan 2024 03:16:17 GMT
GET H2	200	export-data.js Show response code.highcharts.com/modules/	12 KB 5 KB	59ms 59ms	Script text/javascript	2606:4700::6812:809 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://code.highcharts.com/modules/export-data.js Requested by Host: monitoring.sapatelemed.kz URL: https://monitoring.sapatelemed.kz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:809 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `31db4cd4bf9e04d306b1cb6b17c530f9490928aee95d11ee196021360b13a4ca` Request headers accept-language de-DE,de;q=0.9 Referer https://monitoring.sapatelemed.kz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 29 Dec 2023 03:16:17 GMT content-encoding gzip cf-cache-status HIT x-amz-request-id MVWTJK6PWMW15WN5 age 2591133 content-length 5132 x-amz-id-2 032rTgTSlrJEULWGyD/pUeZ5GRRrtzBS1w9TL3toGMc2AC1HPkmFJYa2bvKdS6ZxQ4HtQKgtelU= last-modified Mon, 30 Oct 2023 13:54:46 GMT server cloudflare etag "a99b0a48dec80497f424af202ef772fb" vary Accept-Encoding content-type text/javascript; charset=utf-8 cache-control public, max-age=2678400 accept-ranges bytes cf-ray 83cee226ef0c2bd3-FRA expires Mon, 29 Jan 2024 03:16:17 GMT
GET H2	200	accessibility.js Show response code.highcharts.com/modules/	156 KB 45 KB	50ms 50ms	Script text/javascript	2606:4700::6812:809 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://code.highcharts.com/modules/accessibility.js Requested by Host: monitoring.sapatelemed.kz URL: https://monitoring.sapatelemed.kz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:809 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `87fec28e8161efdf7ccca7dd00b5608af2798861f05a3b7e6a5d4bcccf46f4ff` Request headers accept-language de-DE,de;q=0.9 Referer https://monitoring.sapatelemed.kz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 29 Dec 2023 03:16:17 GMT content-encoding gzip cf-cache-status HIT x-amz-request-id C60BM5TV79Y8YG9E age 5314 content-length 45552 x-amz-id-2 rZoofEvAquB8MpjVIbdtqsAg9eB3z+Z0x9H1eStnszt6ZEruPCvwpvr8HJnmzVtRmHb7LvahfTI= last-modified Mon, 30 Oct 2023 13:54:46 GMT server cloudflare etag "6ba58e7df5c870586738ff31c7071015" vary Accept-Encoding content-type text/javascript; charset=utf-8 cache-control public, max-age=2678400 accept-ranges bytes cf-ray 83cee2274f4a2bd3-FRA expires Mon, 29 Jan 2024 03:16:17 GMT
GET H2	200	Framework7Icons-Regular.a42aa071.woff2 monitoring.sapatelemed.kz/assets/	105 KB 105 KB	108ms 107ms	Font font/woff2	185.98.5.117 Astana
General Check archive.org Show headers Download Go to Full URL https://monitoring.sapatelemed.kz/assets/Framework7Icons-Regular.a42aa071.woff2 Requested by Host: monitoring.sapatelemed.kz URL: https://monitoring.sapatelemed.kz/assets/index.1a9e3084.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.98.5.117 Astana, Kazakhstan, ASN207333 (HOSTER-AST Hoster.KZ - Astana, KZ), Reverse DNS pkz9.hoster.kz Software nginx / PleskLin Resource Hash `a42aa071915d1b8f135ee790f6dae197b115f39f858e19da41a5a9eca3efd6f4` Request headers Referer https://monitoring.sapatelemed.kz/assets/index.1a9e3084.css Origin https://monitoring.sapatelemed.kz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 29 Dec 2023 03:16:17 GMT content-encoding gzip last-modified Tue, 12 Dec 2023 12:03:47 GMT server nginx etag W/"65784c23-1a398" x-powered-by PleskLin content-type font/woff2

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.highcharts.com/	1969-12-31 23:59:59	Name: _cfuvid Value: Gq6WmwB0LvXiKoMAQU1Gmc.b34zXfrJavp8a772vSWs-1703819776597-0-604800000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.highcharts.com
monitoring.sapatelemed.kz
185.98.5.117
2606:4700::6812:809
2198e22afd8cfdb68859898ad4cb2a79f798cdd84256d70e13b027881bcfe46c
31db4cd4bf9e04d306b1cb6b17c530f9490928aee95d11ee196021360b13a4ca
626129cca460cca5fd85c288beab60bc7fdc911e33d5bfdb81519975d6e04dfb
7b59c7943a0e2b9393f00a853ae5efeef26bdff06c6b77979b1b29db6b73c36c
87fec28e8161efdf7ccca7dd00b5608af2798861f05a3b7e6a5d4bcccf46f4ff
90d288aeab6af4756317df4491fc341a639b9a0334b2fb50dd73c3607f3ddb96
9ac7e3a41d0eb3cc5754f375723ca44512e503f004149ab1fc5e7fa3b6f60847
a42aa071915d1b8f135ee790f6dae197b115f39f858e19da41a5a9eca3efd6f4
d379f0d766d7069541d2154e6992fffcd2a9e1a5b5feed286d846dbb3ddd9103

monitoring.sapatelemed.kz Open in urlscan Pro 185.98.5.117 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

623 kBTransfer

2550 kBSize

1 Cookies

0 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

1 Cookies

Indicators

monitoring.sapatelemed.kz Open in urlscan Pro
185.98.5.117 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

623 kB
Transfer

2550 kB
Size

1
Cookies

9 HTTP transactions
0 data transactions