virl.ws
74.3.166.74
Public Scan
Submission Tags: https://phish.report @phish_report
Submission: On March 21 via api from FI — Scanned from CA
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on January 11th 2023. Valid for: 3 months.
This is the only time virl.ws was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System |
---|---|---|
1 8 | 74.3.166.74 | 6327 (SHAW) |
3 | 2a02:4780:dead:3a2f::1 | 204915 (AWEX) |
10 | 209.94.172.151 | 10352 (WCTC) |
1 | 2001:4cf0:2:20::80b0:6fa | 680 (DFN Verein zur Foerderung eines Deutschen Forschungsnetzes e.V.) |
1 | 2606:4700::6811:a329 | 13335 (CLOUDFLARENET) |
24 | 6 | |

ASN10352 (WCTC, US)
PTR: webmail.solarus.net
webmail.wctc.net

ASN680 (DFN Verein zur Foerderung eines Deutschen Forschungsnetzes e.V., DE)
www.uni-muenster.de

| Apex Domain | Subdomains | Transfer |
---|---|---|---|
10 | wctc.net | webmail.wctc.net | 231 KB |
4 | viralurl.com (1 redirects) | viralurl.com | 19 KB |
4 | virl.ws | virl.ws | 104 KB |
3 | 000webhostapp.com | ltservicedh.000webhostapp.com | 5 KB |
1 | 000webhost.com | cdn.000webhost.com — Cisco Umbrella Rank: 85051 | 2 KB |
1 | uni-muenster.de | www.uni-muenster.de — Cisco Umbrella Rank: 706651 | 2 KB |
24 | 6 | | |

| Domain | Requested by |
---|---|---|
10 | webmail.wctc.net | ltservicedh.000webhostapp.com, webmail.wctc.net |
4 | viralurl.com (1 redirects) | virl.ws |
4 | virl.ws | virl.ws |
3 | ltservicedh.000webhostapp.com | virl.ws, ltservicedh.000webhostapp.com |
1 | cdn.000webhost.com | ltservicedh.000webhostapp.com |
1 | www.uni-muenster.de | ltservicedh.000webhostapp.com |
24 | 6 | |

This site contains links to these domains. Also see Links.
Domain |
---|
viralurl.com |

Subject | Issuer | Validity | Valid |
---|---|---|---|
viralurl.com | cPanel, Inc. Certification Authority | 2023-01-11 - 2023-04-11 | 3 months |
*.000webhostapp.com | RapidSSL Global TLS RSA4096 SHA256 2022 CA1 | 2022-08-04 - 2023-07-10 | a year |
webmail.wctc.net | Sectigo RSA Domain Validation Secure Server CA | 2022-08-08 - 2023-08-16 | a year |
www.uni-muenster.de | Sectigo RSA Organization Validation Secure Server CA | 2022-11-11 - 2023-11-11 | a year |
*.000webhost.com | Sectigo RSA Domain Validation Secure Server CA | 2023-01-10 - 2024-02-10 | a year |

This page contains 2 frames:
Primary Page:
https://virl.ws/s/uni-muenster-it/
Frame ID: D39889CF7DEF20B86077C2978233BEAA
Requests: 7 HTTP requests in this frame
Frame:
https://ltservicedh.000webhostapp.com/muenster.html
Frame ID: 55198929EBFF475C88D73E91669642DB
Requests: 17 HTTP requests in this frame
Page Title
Sign In
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Gravatar (Miscellaneous)
Detected patterns
- <[^>]+gravatar\.com/avatar/
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery UI (JavaScript Libraries)
Detected patterns
- jquery-ui.*\.js
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Start 2023 With More $Cash$ In Your Pocket...!!
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 3
- https://viralurl.com/go.php?id=835396&ua=Mozilla50WindowsNT100Win64x64AppleWebKit53736KHTMLlikeGeckoChrome1110556364Safari53736 HTTP 302
- https://ltservicedh.000webhostapp.com/muenster.html
24 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / (Primary Request) | virl.ws/s/uni-muenster-it/ | 14 KB | 5 KB | Document | text/html |
GET | H/1.1 | font-awesome.min.css | virl.ws/aceadmin/dist/css/ | 21 KB | 5 KB | Stylesheet | text/css |
GET | H/1.1 | adsdisplay.php | viralurl.com/ | 229 B | 530 B | Script | text/html |
GET | H/1.1 | jquery.min.js | virl.ws/aceadmin/assets/js/ | 82 KB | 29 KB | Script | application/javascript |
GET | H2 | muenster.html | ltservicedh.000webhostapp.com/ (Frame 5519, Redirect Chain) | 27 KB | 5 KB | Document | text/html |
GET | H/1.1 | loading.gif | viralurl.com/images/ | 16 KB | 17 KB | Image | image/gif |
GET | H/1.1 | bwLogo3.png | viralurl.com/images/ | 1 KB | 1 KB | Image | image/png |
GET | H/1.1 | fontawesome-webfont.woff | virl.ws/aceadmin/dist/fonts/ | 64 KB | 64 KB | Font | application/x-font-woff |
GET | H/1.1 | bootstrap.min.css | webmail.wctc.net/skins/elastic/deps/ (Frame 5519) | 152 KB | 23 KB | Stylesheet | text/css |
GET | H/1.1 | styles.css | webmail.wctc.net/skins/elastic/styles/ (Frame 5519) | 101 KB | 20 KB | Stylesheet | text/css |
GET | H/1.1 | jquery-ui.css | webmail.wctc.net/plugins/jqueryui/themes/elastic/ (Frame 5519) | 33 KB | 8 KB | Stylesheet | text/css |
GET | H/1.1 | persistent_login.css | webmail.wctc.net/plugins/persistent_login/ (Frame 5519) | 441 B | 763 B | Stylesheet | text/css |
GET | H/1.1 | jquery.min.js | webmail.wctc.net/program/js/ (Frame 5519) | 87 KB | 31 KB | Script | application/javascript |
GET | H/1.1 | common.js | webmail.wctc.net/program/js/ (Frame 5519) | 22 KB | 8 KB | Script | application/javascript |
GET | H/1.1 | app.js | webmail.wctc.net/program/js/ (Frame 5519) | 311 KB | 77 KB | Script | application/javascript |
GET | H/1.1 | jstz.min.js | webmail.wctc.net/program/js/ (Frame 5519) | 13 KB | 5 KB | Script | application/javascript |
GET | H2 | jquery-ui.min.js | ltservicedh.000webhostapp.com/plugins/jqueryui/js/ (Frame 5519) | 0 | 0 | Script | text/html |
GET | H2 | persistent_login.js | ltservicedh.000webhostapp.com/plugins/persistent_login/ (Frame 5519) | 0 | 0 | Script | text/html |
GET | H/1.1 | wwu.svg | www.uni-muenster.de/imperia/md/images/allgemein/farbunabhaengig/ (Frame 5519) | 3 KB | 2 KB | Image | image/svg+xml |
GET | H/1.1 | bootstrap.bundle.min.js | webmail.wctc.net/skins/elastic/deps/ (Frame 5519) | 77 KB | 22 KB | Script | application/javascript |
GET | H/1.1 | ui.js | webmail.wctc.net/skins/elastic/ (Frame 5519) | 148 KB | 36 KB | Script | application/javascript |
GET | H2 | footer-powered-by-000webhost-white2.png | cdn.000webhost.com/000webhost/logo/ (Frame 5519) | 2 KB | 2 KB | Image | image/webp |
GET | | fa-solid-900.woff2 | webmail.wctc.net/skins/elastic/fonts/ (Frame 5519) | 0 | 0 | | |
GET | | fa-solid-900.woff | webmail.wctc.net/skins/elastic/fonts/ (Frame 5519) | 0 | 0 | | |

Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: webmail.wctc.net
  URL: https://webmail.wctc.net/skins/elastic/fonts/fa-solid-900.woff2
- Domain: webmail.wctc.net
  URL: https://webmail.wctc.net/skins/elastic/fonts/fa-solid-900.woff
6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | 0 |
boolean | credentialless |
function | $ |
function | jQuery |
function | updateSize |
function | onLoadHandler |

3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.virl.ws/ | | Name: ltservicedh.000webhostapp.com Value: 304948%7C835396 |
.virl.ws/ | | Name: aff Value: 304948 |
.virl.ws/ | | Name: s--uni-muenster-it Value: 2023-03-21 |

8 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.