d.file2go.ru - urlscan.io

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 4 HTTP transactions. The main IP is 137.74.236.115, located in France and belongs to OVH, FR. The main domain is d.file2go.ru.

This is the only time d.file2go.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2606:4700:303... 2606:4700:3030::6818:72f2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	137.74.236.115 137.74.236.115	16276 (OVH) (OVH)
4	2

3 2606:4700:3030::6818:72f2 (United States)

ASN13335 (CLOUDFLARENET, US)

www.googleupl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 137.74.236.115 (France)

ASN16276 (OVH, FR)
PTR: ip115.ip-137-74-236.eu

d.file2go.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	googleupl.com www.googleupl.com	32 KB
1	file2go.ru d.file2go.ru	392 B
4	2

	Domain	Requested by
3	www.googleupl.com	www.googleupl.com
1	d.file2go.ru
4	2

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-09-30` - `2020-09-29`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://d.file2go.ru/v/?s=_&sid=
Frame ID: AB3C0EE140DAD5D982D03CF1BD848138
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.googleupl.com/ Page URL
http://d.file2go.ru/v/?s=_&sid= Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

4
Requests

75 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

32 kB
Transfer

34 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.googleupl.com/ Page URL
http://d.file2go.ru/v/?s=_&sid= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response www.googleupl.com/	3 KB 1 KB	495ms 464ms	Document text/html	2606:4700:3030::6818:72f2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.googleupl.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6818:72f2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.4.4-14+deb7u8 Resource Hash `a8941e842d5f1d0bca047803d53c546e2e06bd7c58df93a4ed56b74b95cec2d9` Request headers :method GET :authority www.googleupl.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-dest document accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Response headers status 200 date Thu, 05 Mar 2020 02:46:19 GMT content-type text/html; charset=utf-8 set-cookie __cfduid=db1a09fcd471da8401cbbb7db86022aa01583376379; expires=Sat, 04-Apr-20 02:46:19 GMT; path=/; domain=.googleupl.com; HttpOnly; SameSite=Lax x-powered-by PHP/5.4.4-14+deb7u8 vary Accept-Encoding cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 56f08182ccdc1752-FRA content-encoding br
GET H2	200	stl2.css www.googleupl.com/Google/	2 KB 771 B	96ms 95ms	Stylesheet text/css	2606:4700:3030::6818:72f2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.googleupl.com/Google/stl2.css Requested by Host: www.googleupl.com URL: https://www.googleupl.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6818:72f2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6d3a9785deaff945701bf8452a5048d0dc78608a3b4eb2da1ce276418fd9ca4b` Request headers Referer https://www.googleupl.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Thu, 05 Mar 2020 02:46:19 GMT content-encoding br cf-cache-status MISS last-modified Thu, 25 May 2017 14:50:29 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control max-age=315360000 cf-ray 56f08185b82a1752-FRA expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	download-icon-png-4374R.png www.googleupl.com/img/	29 KB 29 KB	95ms 95ms	Image image/png	2606:4700:3030::6818:72f2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.googleupl.com/img/download-icon-png-4374R.png Requested by Host: www.googleupl.com URL: https://www.googleupl.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6818:72f2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c13ae8e2aba5b2df2b200a06dd16c24e90e02af828c445bf71a1d2e435adf889` Request headers Referer https://www.googleupl.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Thu, 05 Mar 2020 02:46:19 GMT cf-cache-status MISS last-modified Thu, 25 May 2017 13:29:34 GMT server cloudflare etag "5926dc3e-7483" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=315360000 accept-ranges bytes cf-ray 56f08185b82b1752-FRA content-length 29827 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	404 Not Found	Primary Request / Show response d.file2go.ru/v/	200 B 392 B	535ms 59ms	Document text/html	137.74.236.115 OVH
General Check archive.org Show headers Download Go to Full URL http://d.file2go.ru/v/?s=_&sid= Protocol HTTP/1.1 Server 137.74.236.115 , France, ASN16276 (OVH, FR), Reverse DNS ip115.ip-137-74-236.eu Software nginx / Resource Hash `4624878711ab44e53354c640f8e7c1e62c490da64b1836934cd1132481c01ccf` Request headers Host d.file2go.ru Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Server nginx Date Thu, 05 Mar 2020 02:46:25 GMT Content-Type text/html; charset=iso-8859-1 Content-Length 200 Connection keep-alive Keep-Alive timeout=60

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d.file2go.ru
www.googleupl.com
137.74.236.115
2606:4700:3030::6818:72f2
4624878711ab44e53354c640f8e7c1e62c490da64b1836934cd1132481c01ccf
6d3a9785deaff945701bf8452a5048d0dc78608a3b4eb2da1ce276418fd9ca4b
a8941e842d5f1d0bca047803d53c546e2e06bd7c58df93a4ed56b74b95cec2d9
c13ae8e2aba5b2df2b200a06dd16c24e90e02af828c445bf71a1d2e435adf889

d.file2go.ru Open in urlscan Pro 137.74.236.115 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

4 Requests

75 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

32 kBTransfer

34 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

Indicators

d.file2go.ru Open in urlscan Pro
137.74.236.115 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

75 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

32 kB
Transfer

34 kB
Size

0
Cookies

4 HTTP transactions
0 data transactions