gosuslugi-covid19.ru

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 6 HTTP transactions. The main IP is 2a00:f940:2:2:1:1:0:136, located in Russian Federation and belongs to AS-REG, RU. The main domain is gosuslugi-covid19.ru.
TLS certificate: Issued by R3 on November 22nd 2022. Valid for: 3 months.

This is the only time gosuslugi-covid19.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2a00:f940:2:2... 2a00:f940:2:2:1:1:0:136	197695 (AS-REG) (AS-REG)
2	93.93.89.12 93.93.89.12	34879 (CCT-AS NG...) (CCT-AS NGENIX)
6	3

4 2a00:f940:2:2:1:1:0:136 (Russian Federation)

ASN197695 (AS-REG, RU)

gosuslugi-covid19.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 93.93.89.12 (Russian Federation)

ASN34879 (CCT-AS NGENIX, RU)
PTR: cdn.ngenix.net

gu-st.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	gosuslugi-covid19.ru gosuslugi-covid19.ru	131 KB
2	gu-st.ru gu-st.ru — Cisco Umbrella Rank: 178378	445 KB
6	2

	Domain	Requested by
4	gosuslugi-covid19.ru	gosuslugi-covid19.ru
2	gu-st.ru	gosuslugi-covid19.ru
6	2

This site contains links to these domains. Also see Links.

Domain
www.gosuslugi.ru

Subject Issuer	Validity	Valid
gosuslugi-covid19.ru R3	`2022-11-22` - `2023-02-20`	3 months	crt.sh
gu-st.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-03-18` - `2023-04-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://gosuslugi-covid19.ru/
Frame ID: 318B2F48D89387D830D8D4C5008A45BA
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Портал государственных услуг Российской Федерации

Page Statistics

6
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

575 kB
Transfer

944 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.gosuslugi.ru/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response gosuslugi-covid19.ru/	89 KB 31 KB	2355ms 562ms	Document text/html	2a00:f940:2:2:1:1:0:136 AS-REG
General Check archive.org Show headers Download Go to Full URL https://gosuslugi-covid19.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:f940:2:2:1:1:0:136 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS Software nginx / Resource Hash `4db11ad5c166f57ba94bdff3e93ef6c585be8213a69990a5ccc1a0a8905ae0ac` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers content-encoding gzip content-type text/html date Tue, 22 Nov 2022 10:10:31 GMT server nginx vary Accept-Encoding
GET H2	200	index.f84843dceaeb3df6706f.min.js Show response gosuslugi-covid19.ru/	89 KB 30 KB	268ms 267ms	Script application/javascript	2a00:f940:2:2:1:1:0:136 AS-REG
General Check archive.org Show headers Download Go to Full URL https://gosuslugi-covid19.ru/index.f84843dceaeb3df6706f.min.js Requested by Host: gosuslugi-covid19.ru URL: https://gosuslugi-covid19.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:f940:2:2:1:1:0:136 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS Software nginx / Resource Hash `26f40635f4ee6b4a598314b915a4489d149cd0773e98133777578a0e0231ca62` Request headers accept-language jp-JP,jp;q=0.9 Referer https://gosuslugi-covid19.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Tue, 22 Nov 2022 10:10:32 GMT content-encoding gzip last-modified Tue, 22 Nov 2022 09:59:39 GMT server nginx etag W/"637c9d8b-16218" vary Accept-Encoding content-type application/javascript cache-control max-age=3888000 expires Fri, 06 Jan 2023 10:10:32 GMT
GET H2	200	index.845e79068483fa49ece7.min.css gosuslugi-covid19.ru/	23 KB 6 KB	275ms 275ms	Stylesheet text/css	2a00:f940:2:2:1:1:0:136 AS-REG
General Check archive.org Show headers Download Go to Full URL https://gosuslugi-covid19.ru/index.845e79068483fa49ece7.min.css Requested by Host: gosuslugi-covid19.ru URL: https://gosuslugi-covid19.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:f940:2:2:1:1:0:136 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS Software nginx / Resource Hash `4567375ba5ecbf5766a7d62a178c35baecc7a4b0015675ae0ac30484063093e9` Request headers accept-language jp-JP,jp;q=0.9 Referer https://gosuslugi-covid19.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Tue, 22 Nov 2022 10:10:32 GMT content-encoding gzip last-modified Tue, 22 Nov 2022 09:59:39 GMT server nginx etag W/"637c9d8b-5b76" vary Accept-Encoding content-type text/css cache-control max-age=3888000 expires Fri, 06 Jan 2023 10:10:32 GMT
GET H2	404	config.json Show response gosuslugi-covid19.ru/covid-web/	293 KB 64 KB	290ms 290ms	Fetch text/html	2a00:f940:2:2:1:1:0:136 AS-REG
General Check archive.org Show headers Download Go to Full URL https://gosuslugi-covid19.ru/covid-web/config.json?_=0.4001241166227847 Requested by Host: gosuslugi-covid19.ru URL: https://gosuslugi-covid19.ru/index.f84843dceaeb3df6706f.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:f940:2:2:1:1:0:136 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS Software nginx / Resource Hash `8437781fdb1f5ed7d6d6bfc16a3540389562fbbfd34e5f635967dcded7173ca3` Request headers accept-language jp-JP,jp;q=0.9 Referer https://gosuslugi-covid19.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Tue, 22 Nov 2022 10:10:32 GMT content-encoding gzip server nginx vary Accept-Encoding content-type text/html; charset=utf-8
GET DATA	200 OK	truncated /	5 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `536ed9fb1f1387eb3d20301a6a01c1ae1892fb133b99be8b53ee7923b5d0e244` Request headers accept-language jp-JP,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	Lato-Regular.bb882f4771ef3a86e3a1.woff2 gu-st.ru/covid-web-st/static-pages-assets/	222 KB 222 KB	1765ms 293ms	Font application/octet-stream	93.93.89.12 CCT-AS NGENIX
General Check archive.org Show headers Download Go to Full URL https://gu-st.ru/covid-web-st/static-pages-assets/Lato-Regular.bb882f4771ef3a86e3a1.woff2 Requested by Host: gosuslugi-covid19.ru URL: https://gosuslugi-covid19.ru/index.845e79068483fa49ece7.min.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.89.12 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU), Reverse DNS cdn.ngenix.net Software nginx / Resource Hash `a506a2f0dd72aa9666ec768c0b28e0053c048d4e88b922c4451df8bb35cbe5e4` Request headers Referer https://gosuslugi-covid19.ru/ Origin https://gosuslugi-covid19.ru accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Tue, 22 Nov 2022 10:10:34 GMT content-encoding gzip x-ngenix-cache HIT, HIT last-modified Mon, 31 Oct 2022 07:38:49 GMT server nginx etag W/"635f7b89-37834" vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type application/octet-stream access-control-allow-origin * access-control-expose-headers X-Cache-Date,Authorization,Accept cache-control max-age=7200 access-control-allow-credentials true access-control-allow-headers X-Origin, Accept, Authorization, Cache-Control, Content-Type, DNT, If-Modified-Since, Keep-Alive, Origin, User-Agent, X-Mx-ReqToken, X-Requested-With, X-TimeZone-Offset, X-Origin, Accept, Authorization, srcUrl, DNT, X-Mx-ReqToken, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, X-Cache-Date, X-Atmosphere-tracking-id, X-B3-Spanid, X-Atmosphere-Framework, X-TimeZone-Offset, X-Atmosphere-Transport, test-scope, schema, x-order-id, x-form-id, X-B3-TraceId, X-B3-SpanId, X-B3-ParentSpanId, X-B3-Sampled, * expires Tue, 22 Nov 2022 10:11:06 GMT
GET H2	200	Lato-Bold.39775d377afbc753c1d1.woff2 gu-st.ru/covid-web-st/static-pages-assets/	223 KB 223 KB	2412ms 940ms	Font application/octet-stream	93.93.89.12 CCT-AS NGENIX
General Check archive.org Show headers Download Go to Full URL https://gu-st.ru/covid-web-st/static-pages-assets/Lato-Bold.39775d377afbc753c1d1.woff2 Requested by Host: gosuslugi-covid19.ru URL: https://gosuslugi-covid19.ru/index.845e79068483fa49ece7.min.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.89.12 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU), Reverse DNS cdn.ngenix.net Software nginx / Resource Hash `79af3777688e4135969f0ded09a3789f77852392c017150dcaacdaa2227ecccf` Request headers Referer https://gosuslugi-covid19.ru/ Origin https://gosuslugi-covid19.ru accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Tue, 22 Nov 2022 10:10:34 GMT content-encoding gzip x-ngenix-cache HIT, HIT last-modified Mon, 31 Oct 2022 07:38:42 GMT server nginx etag W/"635f7b82-37d4c" vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type application/octet-stream access-control-allow-origin * access-control-expose-headers X-Cache-Date,Authorization,Accept cache-control max-age=7200 access-control-allow-credentials true access-control-allow-headers X-Origin, Accept, Authorization, Cache-Control, Content-Type, DNT, If-Modified-Since, Keep-Alive, Origin, User-Agent, X-Mx-ReqToken, X-Requested-With, X-TimeZone-Offset, X-Origin, Accept, Authorization, srcUrl, DNT, X-Mx-ReqToken, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, X-Cache-Date, X-Atmosphere-tracking-id, X-B3-Spanid, X-Atmosphere-Framework, X-TimeZone-Offset, X-Atmosphere-Transport, test-scope, schema, x-order-id, x-form-id, X-B3-TraceId, X-B3-SpanId, X-B3-ParentSpanId, X-B3-Sampled, * expires Tue, 22 Nov 2022 11:25:02 GMT

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| langSwitch function| hotReload object| APP_HELPERS

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://gosuslugi-covid19.ru/covid-web/config.json?_=0.4001241166227847 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

gosuslugi-covid19.ru
gu-st.ru
2a00:f940:2:2:1:1:0:136
93.93.89.12
26f40635f4ee6b4a598314b915a4489d149cd0773e98133777578a0e0231ca62
4567375ba5ecbf5766a7d62a178c35baecc7a4b0015675ae0ac30484063093e9
4db11ad5c166f57ba94bdff3e93ef6c585be8213a69990a5ccc1a0a8905ae0ac
536ed9fb1f1387eb3d20301a6a01c1ae1892fb133b99be8b53ee7923b5d0e244
79af3777688e4135969f0ded09a3789f77852392c017150dcaacdaa2227ecccf
8437781fdb1f5ed7d6d6bfc16a3540389562fbbfd34e5f635967dcded7173ca3
a506a2f0dd72aa9666ec768c0b28e0053c048d4e88b922c4451df8bb35cbe5e4

gosuslugi-covid19.ru Open in urlscan Pro 2a00:f940:2:2:1:1:0:136 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

6 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

3 IPs

1 Countries

575 kBTransfer

944 kBSize

0 Cookies

1 Outgoing links

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

gosuslugi-covid19.ru Open in urlscan Pro
2a00:f940:2:2:1:1:0:136 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

575 kB
Transfer

944 kB
Size

0
Cookies

6 HTTP transactions
1 data transactions