telegramfiles.com
148.251.75.38
Public Scan
Submission: On February 23 via api from US
Summary
This is the only time telegramfiles.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information

Requests | IP Address | AS (Autonomous System)
---|---|---
1 | 148.251.75.38 | 24940 (HETZNER-AS)
1 | 2a00:1450:4001:800::2008 | 15169 (GOOGLE)
2 | 205.185.216.42 | 20446 (HIGHWINDS3)
2 | 2606:4700::6811:4104 | 13335 (CLOUDFLARENET)
1 | 205.185.216.10 | 20446 (HIGHWINDS3)
8 | 185.66.200.98 | 201702 (SKHOSTING-EU)
2 | 2a00:1450:4001:800::200e | 15169 (GOOGLE)
1 | 2a00:1450:4001:81d::200a | 15169 (GOOGLE)
1 | 49.12.12.32 | 24940 (HETZNER-AS)
19 requests | 9 IPs |

ASN / PTR detail for the resolved hosts:

ASN | PTR | Domain
---|---|---
ASN24940 (HETZNER-AS, DE) | static.38.75.251.148.clients.your-server.de | telegramfiles.com
ASN15169 (GOOGLE, US) | | www.googletagmanager.com
ASN20446 (HIGHWINDS3, US) | map2.hwcdn.net | cdn.fluidplayer.com
ASN20446 (HIGHWINDS3, US) | map2.hwcdn.net | cdn.o333o.com
ASN15169 (GOOGLE, US) | | www.google-analytics.com
ASN24940 (HETZNER-AS, DE) | static.32.12.12.49.clients.your-server.de | a.o333o.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
8 | uprimp.com | uprimp.com | 3 KB
2 | google-analytics.com | www.google-analytics.com | 18 KB
2 | o333o.com | cdn.o333o.com, a.o333o.com | 14 KB
2 | cloudflare.com | cdnjs.cloudflare.com | 82 KB
2 | fluidplayer.com | cdn.fluidplayer.com | 33 KB
1 | googleapis.com | fonts.googleapis.com | 791 B
1 | googletagmanager.com | www.googletagmanager.com | 28 KB
1 | telegramfiles.com | telegramfiles.com | 6 KB
19 requests | 8 apex domains | |

Requests | Domain | Requested by
---|---|---
8 | uprimp.com | telegramfiles.com, uprimp.com
2 | www.google-analytics.com | www.googletagmanager.com, telegramfiles.com
2 | cdnjs.cloudflare.com | telegramfiles.com
2 | cdn.fluidplayer.com | telegramfiles.com
1 | a.o333o.com | cdn.o333o.com
1 | fonts.googleapis.com | telegramfiles.com
1 | cdn.o333o.com | telegramfiles.com
1 | www.googletagmanager.com | telegramfiles.com
1 | telegramfiles.com |
19 requests | 9 domains |
This site contains no links.
Subject | Issuer | Validity | Valid for | Lookup
---|---|---|---|---
*.google-analytics.com | GTS CA 1O1 | 2020-02-12 - 2020-05-06 | 3 months | crt.sh
fluidplayer.com | Let's Encrypt Authority X3 | 2020-01-16 - 2020-04-15 | 3 months | crt.sh
ssl412106.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-12-05 - 2020-06-12 | 6 months | crt.sh
*.storage.googleapis.com | GTS CA 1O1 | 2020-02-12 - 2020-05-06 | 3 months | crt.sh
a.o333o.com | COMODO RSA Domain Validation Secure Server CA | 2018-01-16 - 2021-02-12 | 3 years | crt.sh
This page contains 5 frames:
Primary Page: http://telegramfiles.com/1903080/ExpressVPN%20(@ApksApps)%20V7.9.2.apk.html
Frame ID: 2962AA3AA4668C73EE2E2E43B422AE91
Requests: 15 HTTP requests in this frame
Frame: http://uprimp.com/bnr_xload.php?section=mobile&pub=841753&format=300x50&ga=g&xt=158247149952764&xtt=1171420
Frame ID: 13B841CD4D6BE4ED44D76DEA48211764
Requests: 1 HTTP request in this frame
Frame: http://uprimp.com/bnr_xload.php?section=main1&pub=841753&format=300x250&ga=g&xt=158247149985721&xtt=3973931
Frame ID: 983A27D2FE0240577ED9041E956F5796
Requests: 1 HTTP request in this frame
Frame: http://uprimp.com/bnr_xload.php?section=main2&pub=841753&format=300x250&ga=g&xt=158247149961592&xtt=6839058
Frame ID: E6CC8BA56D6D93FFCA90DC2215832E65
Requests: 1 HTTP request in this frame
Frame: http://uprimp.com/bnr_xload.php?section=main3&pub=841753&format=300x250&ga=g&xt=158247149985088&xtt=8404685
Frame ID: 9B63D11E320D99F5EE09ABB67CBF7150
Requests: 1 HTTP request in this frame
Note that the primary document and all four uprimp.com ad frames are loaded over plain HTTP (no TLS), so none of the certificates listed above cover them.
Detected technologies
Ubuntu (Operating Systems)
Detected patterns
- headers server /Ubuntu/i
Nginx (Web Servers)
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Font Awesome (Font Scripts)
Detected patterns
- html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Google AdSense (Advertising Networks)
Detected patterns
- script /googlesyndication\.com\//i
Google Analytics (Analytics)
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
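The five patterns above are the whole basis for the "Detected technologies" list, so it is worth seeing exactly what they do and do not capture. The following is an added example, not urlscan.io's or Wappalyzer's code: a minimal matcher that applies the five regexes exactly as printed on this page to a Server header and an HTML snippet. Both inputs are constructed (the report does not show the raw header value or page source); the header value is the shape nginx emits on Ubuntu and the HTML references the resources this scan actually fetched (cdnjs Font Awesome 4.7.0, gtag/js, analytics.js, asg_embed.js, bnr.php) plus an AdSense loader, since the report lists AdSense as detected. The GA property id in the gtag URL is taken from the `_gat_gtag_UA_150899596_1` cookie name.

```javascript
// Added example, not urlscan.io's code: a minimal Wappalyzer-style matcher built
// from the five "Detected patterns" regexes printed in this report. The sample
// Server header and HTML below are constructed to mirror this scan's resources;
// the report itself does not show the raw header value or page source.

const PATTERNS = {
  'Ubuntu':           { header: { server: /Ubuntu/i } },
  'Nginx':            { header: { server: /nginx(?:\/([\d.]+))?/i } },
  'Font Awesome':     { html: /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i },
  'Google AdSense':   { script: /googlesyndication\.com\//i },
  'Google Analytics': { script: /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i },
};

// Pull every <script src=...> URL out of the markup; "script" rules match on these.
function scriptSources(html) {
  const out = [];
  const re = /<script[^>]*\ssrc=["']?([^"'\s>]+)/gi;
  let m;
  while ((m = re.exec(html)) !== null) out.push(m[1]);
  return out;
}

// Returns { technology: version-or-null } for every rule that fires.
function fingerprint(headers, html) {
  const lower = Object.fromEntries(
    Object.entries(headers).map(([k, v]) => [k.toLowerCase(), v]));
  const srcs = scriptSources(html);
  const hits = {};
  for (const [tech, rule] of Object.entries(PATTERNS)) {
    let matched = false;
    let version = null;
    for (const [name, re] of Object.entries(rule.header || {})) {
      const m = lower[name] ? re.exec(lower[name]) : null;
      if (m) { matched = true; if (m[1]) version = m[1]; }
    }
    if (rule.html) {
      const m = rule.html.exec(html);
      if (m) { matched = true; if (m[1]) version = m[1]; }
    }
    if (rule.script && srcs.some((s) => rule.script.test(s))) matched = true;
    if (matched) hits[tech] = version;
  }
  return hits;
}

// Constructed sample input: a typical nginx-on-Ubuntu Server header and markup
// referencing the resources fetched in this scan plus an AdSense loader.
const SAMPLE_HEADERS = { Server: 'nginx/1.14.0 (Ubuntu)' };
const SAMPLE_HTML = `
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css">
<script async src="https://www.googletagmanager.com/gtag/js?id=UA-150899596-1"></script>
<script src="https://www.google-analytics.com/analytics.js"></script>
<script async src="https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js"></script>
<script src="http://cdn.o333o.com/asg_embed.js"></script>
<script src="http://uprimp.com/bnr.php"></script>
`;

console.log(fingerprint(SAMPLE_HEADERS, SAMPLE_HTML));
```

Two things the run shows. The Nginx rule captures a version ("1.14.0") from the header, but the Font Awesome rule as printed never fills its `([\d.]+)` group on a cdnjs-style URL: the greedy `[^>]+` consumes the path up to the filename before the optional version group is tried, which is consistent with the report listing Font Awesome without a version. And the `asg_embed.js` and `bnr.php` loaders, which are the third-party code of interest on this page, match none of the five rules; a technology fingerprint says nothing about unlisted scripts, so the transactions table, not this list, is where to look for them.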
Page Statistics
0 Outgoing links (links to origins other than the main page).
Redirected requests: no HTTP redirect chains were recorded for this scan.
19 HTTP transactions

Method | Protocol | Resource | Path | Size | X-fer | Type | MIME-Type | Notes
---|---|---|---|---|---|---|---|---
GET | H/1.1 | ExpressVPN%20(@ApksApps)%20V7.9.2.apk.html | telegramfiles.com/1903080/ | 5 KB | 6 KB | Document | text/html | Primary Request
GET | H2 | js | www.googletagmanager.com/gtag/ | 74 KB | 28 KB | Script | application/javascript |
GET | H/1.1 | fluidplayer.min.css | cdn.fluidplayer.com/v2/current/ | 34 KB | 5 KB | Stylesheet | text/css |
GET | H/1.1 | fluidplayer.min.js | cdn.fluidplayer.com/v2/current/ | 122 KB | 28 KB | Script | application/javascript |
GET | H2 | font-awesome.min.css | cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ | 30 KB | 7 KB | Stylesheet | text/css |
GET | H/1.1 | asg_embed.js | cdn.o333o.com/ | 39 KB | 13 KB | Script | application/javascript |
GET | H/1.1 | bnr.php | uprimp.com/ | 370 B | 718 B | Script | application/javascript |
GET | H/1.1 | bnr.php | uprimp.com/ | 371 B | 719 B | Script | application/javascript |
GET | H/1.1 | bnr.php | uprimp.com/ | 371 B | 720 B | Script | application/javascript |
GET | H/1.1 | bnr.php | uprimp.com/ | 371 B | 719 B | Script | application/javascript |
GET | H2 | analytics.js | www.google-analytics.com/ | 44 KB | 18 KB | Script | text/javascript |
GET | H2 | collect | www.google-analytics.com/r/ | 35 B | 101 B | Image | image/gif |
GET | H2 | css | fonts.googleapis.com/ | 5 KB | 791 B | Stylesheet | text/css |
GET | H/1.1 | 199784 | a.o333o.com/api/spots/ | 391 B | 619 B | Script | text/javascript |
GET | H/1.1 | bnr_xload.php | uprimp.com/ (Frame 13B8) | 0 | 0 | Document | text/html |
GET | H/1.1 | bnr_xload.php | uprimp.com/ (Frame 983A) | 0 | 0 | Document | text/html | Cookie set
GET | H/1.1 | bnr_xload.php | uprimp.com/ (Frame E6CC) | 0 | 0 | Document | text/html | Cookie set
GET | H/1.1 | bnr_xload.php | uprimp.com/ (Frame 9B63) | 0 | 0 | Document | text/html |
GET | H2 | fontawesome-webfont.woff2 | cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ | 75 KB | 76 KB | Font | application/octet-stream |

Size is the decoded body size and X-fer the bytes on the wire. The four bnr_xload.php frame documents are recorded with 0 bytes in both columns.
Verdicts & Comments
22 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. They can help identify client-side frameworks and code.

Type | Name
---|---
object | onformdata
object | onpointerrawupdate
function | gtag
object | dataLayer
object | google_tag_manager
string | GoogleAnalyticsObject
function | ga
object | google_tag_data
object | gaplugins
object | gaGlobal
object | gaData
string | fluidPlayerScriptLocation
object | fluidPlayerClass
function | fluidPlayer
object | NaConf
object | __AsgCookies
object | asgPopScript
object | __asgStorageDriver
object | __NA
string | popns
object | __ASG
number | qs12

Of these, onformdata and onpointerrawupdate are browser event-handler properties (GlobalEventHandlers attributes that the scanner's baseline did not know) rather than page code; the gtag/dataLayer/ga* names belong to Google Tag Manager and Analytics, fluidPlayer* to the Fluid Player library fetched from cdn.fluidplayer.com, and, judging by name, the asg*/__ASG/__NA/popns family to the asg_embed.js script fetched from cdn.o333o.com.

Cookies
Cookies are small pieces of information stored in the user's browser. On every later visit the browser sends the stored values back, which lets the site re-identify the user even from a different location; this is how persistent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
namel.net/ | | used_ad2241891 | 1
uprimp.com/ | | used_ad2307197 | 1
.telegramfiles.com/ | | _gid | GA1.2.405987749.1582471500
uprimp.com/ | | total_impressions | 1
uprimp.com/ | | cpa_673873 | 300x250_294466152_0
namel.net/ | | used_ad2307197 | 1
uprimp.com/ | | MarketGidStorage | %7B%220%22%3A%7B%22svspr%22%3A%22http%3A%2F%2Fuprimp.com%2Fbnr_xload.php%3Fsection%3Dmain3%26pub%3D841753%26format%3D300x250%26ga%3Dg%26xt%3D158247149985088%26xtt%3D8404685%22%2C%22svsds%22%3A1%2C%22TejndEEDj%22%3A%22R36jh7cwN%22%7D%2C%22C397703%22%3A%7B%22page%22%3A1%2C%22time%22%3A1582471501496%7D%7D
uprimp.com/ | | used_ad2241891 | 1
telegramfiles.com/ | | asgsl | 199784%3Dkeep_looping%3Afalse%2Cnoloop%3Atrue%2Cshows_limit%3A1
.telegramfiles.com/ | | _gat_gtag_UA_150899596_1 | 1
namel.net/148bcf03fc/bb6bac9292 | | total_impressions | 1
.telegramfiles.com/ | | _ga | GA1.2.1693503599.1582471500

The Expires column is empty for every row in the report. Note that namel.net appears only in this cookie jar: no request to that host is in the transactions list above.
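Three of these cookie values carry structure worth decoding, and their contents cross-check other parts of the report: MarketGidStorage is URL-encoded JSON whose `svspr` field is the URL of the fourth uprimp.com ad frame (section=main3) and whose `time` is an epoch in milliseconds; asgsl is `<spotId>=k:v,...` where 199784 is the same id requested from a.o333o.com/api/spots/199784; and the `_ga`/`_gid` values follow the Universal Analytics `GA1.<depth>.<clientId>.<unixSeconds>` format. The following is an added example, not part of the urlscan.io report, that decodes the values copied from the table above and correlates the embedded timestamps; the format of the asgsl value is inferred from the single sample, and the GA layout is the documented Universal Analytics one.

```javascript
// Added example, not part of the urlscan.io report: decode the structured cookie
// values captured by this scan and correlate their embedded timestamps.
// Values below are copied verbatim from the report's Cookies table.

const COOKIES = {
  MarketGidStorage: '%7B%220%22%3A%7B%22svspr%22%3A%22http%3A%2F%2Fuprimp.com%2Fbnr_xload.php%3Fsection%3Dmain3%26pub%3D841753%26format%3D300x250%26ga%3Dg%26xt%3D158247149985088%26xtt%3D8404685%22%2C%22svsds%22%3A1%2C%22TejndEEDj%22%3A%22R36jh7cwN%22%7D%2C%22C397703%22%3A%7B%22page%22%3A1%2C%22time%22%3A1582471501496%7D%7D',
  asgsl: '199784%3Dkeep_looping%3Afalse%2Cnoloop%3Atrue%2Cshows_limit%3A1',
  _ga: 'GA1.2.1693503599.1582471500',
  _gid: 'GA1.2.405987749.1582471500',
};

// MarketGidStorage is a URL-encoded JSON document.
function decodeMarketGid(value) {
  return JSON.parse(decodeURIComponent(value));
}

// asgsl: "<spotId>=key:value,key:value,..." (format inferred from this one sample).
// Bare true/false and integers are converted; anything else stays a string.
function decodeAsgsl(value) {
  const text = decodeURIComponent(value);
  const eq = text.indexOf('=');
  if (eq < 0) throw new Error('unexpected asgsl format: ' + text);
  const spotId = text.slice(0, eq);
  const opts = {};
  for (const pair of text.slice(eq + 1).split(',')) {
    const [k, v] = pair.split(':');
    opts[k] = v === 'true' ? true
            : v === 'false' ? false
            : /^\d+$/.test(v) ? Number(v)
            : v;
  }
  return { spotId, opts };
}

// Universal Analytics client cookies: GA1.<domainDepth>.<clientId>.<unixSeconds>
function decodeGaCookie(value) {
  const m = /^GA1\.(\d+)\.(\d+)\.(\d+)$/.exec(value);
  if (!m) throw new Error('not a GA1 cookie: ' + value);
  return { domainDepth: Number(m[1]), clientId: m[2], firstSeen: new Date(Number(m[3]) * 1000) };
}

// Pull the pieces an analyst cares about into one record.
function summarize(cookies) {
  const mg = decodeMarketGid(cookies.MarketGidStorage);
  const asg = decodeAsgsl(cookies.asgsl);
  const ga = decodeGaCookie(cookies._ga);
  const gid = decodeGaCookie(cookies._gid);
  const mgTime = new Date(mg.C397703.time);        // epoch milliseconds
  const adFrame = new URL(mg['0'].svspr);          // the iframe URL MarketGid stored as referrer
  return {
    gaFirstSeen: ga.firstSeen.toISOString(),
    gidFirstSeen: gid.firstSeen.toISOString(),
    marketGidTime: mgTime.toISOString(),
    skewMs: mgTime - ga.firstSeen,                  // MarketGid write minus GA client-id creation
    adFrame: {
      host: adFrame.host,
      section: adFrame.searchParams.get('section'),
      pub: adFrame.searchParams.get('pub'),
    },
    spotId: asg.spotId,
    showsLimit: asg.opts.shows_limit,
    noloop: asg.opts.noloop,
  };
}

console.log(summarize(COOKIES));
```

Running it dates the scan: both GA cookies were minted at 1582471500 (2020-02-23 15:25:00 UTC) and MarketGidStorage was written 1.496 s later, which agrees with the "February 23" submission line and falls inside every certificate validity window in the table above. The decoded `svspr` shows the ad network recording the exact frame URL, including the publisher id 841753, as its referrer, and the asgsl options (shows_limit 1, noloop true) are the frequency-capping state for spot 199784 from the o333o.com embed.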
Indicators
"Indicators" is the industry term for observables such as IPs, domains and hashes collected during a scan. Listing them here does not imply that any of them indicate malicious activity.

Domains:
a.o333o.com
cdn.fluidplayer.com
cdn.o333o.com
cdnjs.cloudflare.com
fonts.googleapis.com
telegramfiles.com
uprimp.com
www.google-analytics.com
www.googletagmanager.com

IP addresses:
148.251.75.38
185.66.200.98
205.185.216.10
205.185.216.42
2606:4700::6811:4104
2a00:1450:4001:800::2008
2a00:1450:4001:800::200e
2a00:1450:4001:81d::200a
49.12.12.32

SHA-256 response hashes:
08c6e4326ec4c82886daefa14ea403335f35d71735a5c9671b97aff68f6098cb
12076398bab379e22bf8999dc693ea82014ddf09364f414bed3c4b90265c8e8c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2ebf8bed4b88d8e2b51acd053c6b14e199a3d2c68225edfd57dba80ea1217203
437179ef6497641e0404fc5d5677e010767d076097dd267e1f599eb546ba5d26
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
815d92b63a87d1d39dd176e331fc09851953a693ad85593810fabd68645caccd
82d005587432345ea7e3ddf5a89c2840ad2e74ef7265b03ea42b8a58444bf6cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83e08443e9b4b4f6fea9e67896e09f6a6395c6c87fb0833443809500b028b043
9ed55ad63da5d4fc322b4798ec12ddacea4c0544aa2ca06118609071dc31694c
b89485f60b9d7cf92ab0ac946c1728454a609e4466026626035e2102b4811193
bfa21901e87e44f386b8208764bc596acaaaa085e560bf989d40982eb0e5a7c8
c9e1312fb7f3cbe6a8165a0953ba8b8849c8ac2e7a9951e26551f7cfe19cdd55
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d