virustruth.net Open in urlscan Pro
208.94.117.174 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://virustruth.net/
Submission: On December 30 via api (December 30th 2024, 6:08:30 pm UTC) from US — Scanned from CA

Summary HTTP 11 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 11 HTTP transactions. The main IP is 208.94.117.174, located in Phoenix, United States and belongs to GRIDFURY-AS, US. The main domain is virustruth.net.
TLS certificate: Issued by E5 on November 10th 2024. Valid for: 3 months.

This is the only time virustruth.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	208.94.117.174 208.94.117.174	40630 (GRIDFURY-AS) (GRIDFURY-AS)
2	49.13.203.20 49.13.203.20	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
11	3

9 208.94.117.174 (Phoenix, United States)

ASN40630 (GRIDFURY-AS, US)
PTR: ip-208-94-117-174.sites.nearlyfreespeech.net

virustruth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 49.13.203.20 (Nuremberg, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.20.203.13.49.clients.your-server.de

api.pirsch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	virustruth.net virustruth.net	195 KB
2	pirsch.io api.pirsch.io — Cisco Umbrella Rank: 115758	2 KB
11	2

	Domain	Requested by
9	virustruth.net	virustruth.net
2	api.pirsch.io	virustruth.net api.pirsch.io
11	2

This site contains links to these domains. Also see Links.

Domain
drtomcowan.com

Subject Issuer	Validity	Valid
virustruth.net E5	`2024-11-10` - `2025-02-08`	3 months	crt.sh
*.pirsch.io E6	`2024-12-24` - `2025-03-24`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://virustruth.net/
Frame ID: 492A8B2869DBF62FDE3A8998239FC2E4
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

11
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

197 kB
Transfer

377 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://drtomcowan.com/pages/subscribestar
Title: Dr. Tom Cowan SubscribeStar community

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response virustruth.net/	8 KB 4 KB	260ms 122ms	Document text/html	208.94.117.174 GRIDFURY-AS
General Check archive.org Show headers Download Go to Full URL https://virustruth.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 208.94.117.174 Phoenix, United States, ASN40630 (GRIDFURY-AS, US), Reverse DNS ip-208-94-117-174.sites.nearlyfreespeech.net Software Apache / Resource Hash `f0950d0e32b53e4b4b6da63ba07553589c5da3c2e2ede3a1c918c6982290ac9c` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers accept-ranges bytes content-encoding gzip content-length 3441 content-type text/html; charset=UTF-8 date Mon, 30 Dec 2024 18:08:21 GMT etag "215e-6261fbbe66b17" last-modified Tue, 05 Nov 2024 00:46:38 GMT server Apache vary Accept-Encoding via e14s x-robots-tag index, nofollow
GET H2	200	site.css virustruth.net/css/	549 B 389 B	478ms 476ms	Stylesheet text/css	208.94.117.174 GRIDFURY-AS
General Check archive.org Show headers Download Go to Full URL https://virustruth.net/css/site.css Requested by Host: virustruth.net URL: https://virustruth.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 208.94.117.174 Phoenix, United States, ASN40630 (GRIDFURY-AS, US), Reverse DNS ip-208-94-117-174.sites.nearlyfreespeech.net Software Apache / Resource Hash `f26fae0ead83ab9ddbd4a07bfd09f70379a4f3f74bb501495a1874c21413cbb9` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://virustruth.net/ Response headers x-robots-tag noindex, nofollow content-encoding gzip etag "225-6067771719d9c" via e14s accept-ranges bytes content-length 307 date Mon, 30 Dec 2024 18:08:21 GMT last-modified Fri, 29 Sep 2023 03:58:54 GMT content-type text/css server Apache vary Accept-Encoding
GET H2	200	bootstrap.min.css virustruth.net/css/	152 KB 22 KB	478ms 477ms	Stylesheet text/css	208.94.117.174 GRIDFURY-AS
General Check archive.org Show headers Download Go to Full URL https://virustruth.net/css/bootstrap.min.css Requested by Host: virustruth.net URL: https://virustruth.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 208.94.117.174 Phoenix, United States, ASN40630 (GRIDFURY-AS, US), Reverse DNS ip-208-94-117-174.sites.nearlyfreespeech.net Software Apache / Resource Hash `c99aa42afb5e3685758d2ee5c8c986a59dbce5364cf4607fc27ce8ada8448cda` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://virustruth.net/ Response headers x-robots-tag noindex, nofollow content-encoding gzip etag "260c6-5ef84b0268eb9" via e14s accept-ranges bytes date Mon, 30 Dec 2024 18:08:21 GMT last-modified Sun, 11 Dec 2022 03:07:33 GMT content-type text/css server Apache vary Accept-Encoding
GET H2	200	pirsch.js Show response api.pirsch.io/	4 KB 2 KB	1644ms 391ms	Script text/javascript	49.13.203.20 HETZNER-AS Hetzne...
General Check archive.org Show headers Download Go to Full URL https://api.pirsch.io/pirsch.js Requested by Host: virustruth.net URL: https://virustruth.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 49.13.203.20 Nuremberg, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE), Reverse DNS static.20.203.13.49.clients.your-server.de Software Caddy / Resource Hash `11ad518364a481031e68b0d740ac8b804d9bdf8846e48339bf804a7342853a30` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://virustruth.net/ Response headers cache-control max-age=86400 content-encoding gzip accept-ch Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-Width, Sec-CH-Viewport-Width alt-svc h3=":443"; ma=2592000 content-length 1592 date Mon, 30 Dec 2024 18:08:22 GMT content-type text/javascript last-modified Sun, 22 Dec 2024 16:42:50 GMT server Caddy vary Origin, Accept-Encoding
GET H2	200	duck1.png virustruth.net/img/	28 KB 28 KB	475ms 474ms	Image image/png	208.94.117.174 GRIDFURY-AS
General Check archive.org Show headers Download Go to Show image Full URL https://virustruth.net/img/duck1.png Requested by Host: virustruth.net URL: https://virustruth.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 208.94.117.174 Phoenix, United States, ASN40630 (GRIDFURY-AS, US), Reverse DNS ip-208-94-117-174.sites.nearlyfreespeech.net Software Apache / Resource Hash `2724376008c738fce7c5b4e9fb9ae5ca2c7e3f337faf6f19b262deddbbcab4bb` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://virustruth.net/ Response headers x-robots-tag noindex, nofollow etag "70fa-5e535d3b60587" via e14s accept-ranges bytes content-length 28922 date Mon, 30 Dec 2024 18:08:21 GMT last-modified Mon, 01 Aug 2022 22:50:31 GMT content-type image/png server Apache
GET H2	200	duck3.png virustruth.net/img/	34 KB 34 KB	478ms 477ms	Image image/png	208.94.117.174 GRIDFURY-AS
General Check archive.org Show headers Download Go to Show image Full URL https://virustruth.net/img/duck3.png Requested by Host: virustruth.net URL: https://virustruth.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 208.94.117.174 Phoenix, United States, ASN40630 (GRIDFURY-AS, US), Reverse DNS ip-208-94-117-174.sites.nearlyfreespeech.net Software Apache / Resource Hash `f542b26c8b6eeb837266a149f86cb217113b5e5eaa022ba754d72169c10cdd6e` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://virustruth.net/ Response headers x-robots-tag noindex, nofollow etag "8826-5e535d3af2f87" via e14s accept-ranges bytes content-length 34854 date Mon, 30 Dec 2024 18:08:21 GMT last-modified Mon, 01 Aug 2022 22:50:31 GMT content-type image/png server Apache
GET H2	200	duck5.png virustruth.net/img/	50 KB 50 KB	3472ms 3471ms	Image image/png	208.94.117.174 GRIDFURY-AS
General Check archive.org Show headers Download Go to Show image Full URL https://virustruth.net/img/duck5.png Requested by Host: virustruth.net URL: https://virustruth.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 208.94.117.174 Phoenix, United States, ASN40630 (GRIDFURY-AS, US), Reverse DNS ip-208-94-117-174.sites.nearlyfreespeech.net Software Apache / Resource Hash `f60f23a1f786a2cad70239c0be7e8b9bb1ef3e02adc100d1e013429c5be1d3c2` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://virustruth.net/ Response headers x-robots-tag noindex, nofollow etag "c79a-5ef0612e2bb2b" via e14s accept-ranges bytes content-length 51098 date Mon, 30 Dec 2024 18:08:21 GMT last-modified Sun, 04 Dec 2022 20:04:09 GMT content-type image/png server Apache
GET H2	200	duck2.png virustruth.net/img/	40 KB 40 KB	3262ms 3261ms	Image image/png	208.94.117.174 GRIDFURY-AS
General Check archive.org Show headers Download Go to Show image Full URL https://virustruth.net/img/duck2.png Requested by Host: virustruth.net URL: https://virustruth.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 208.94.117.174 Phoenix, United States, ASN40630 (GRIDFURY-AS, US), Reverse DNS ip-208-94-117-174.sites.nearlyfreespeech.net Software Apache / Resource Hash `43bfcf4c4190a1f91966f83b74b482e66bc48d34325c48f0789b417642f79f99` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://virustruth.net/ Response headers x-robots-tag noindex, nofollow etag "a08f-5e535d3a849e7" via e14s accept-ranges bytes content-length 41103 date Mon, 30 Dec 2024 18:08:21 GMT last-modified Mon, 01 Aug 2022 22:50:30 GMT content-type image/png server Apache
GET H2	200	bootstrap.min.js Show response virustruth.net/js/	59 KB 16 KB	3472ms 3472ms	Script text/javascript	208.94.117.174 GRIDFURY-AS
General Check archive.org Show headers Download Go to Full URL https://virustruth.net/js/bootstrap.min.js Requested by Host: virustruth.net URL: https://virustruth.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 208.94.117.174 Phoenix, United States, ASN40630 (GRIDFURY-AS, US), Reverse DNS ip-208-94-117-174.sites.nearlyfreespeech.net Software Apache / Resource Hash `5c36e28c9a7bd864b673e223db7e1934923227536ffbdf871f58b6f09b9ac8c9` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://virustruth.net/ Response headers x-robots-tag noindex, nofollow content-encoding gzip etag "eab9-5e41bb99bbcae" via e14s accept-ranges bytes date Mon, 30 Dec 2024 18:08:21 GMT last-modified Mon, 18 Jul 2022 22:16:52 GMT content-type text/javascript server Apache vary Accept-Encoding
GET DATA	200 OK	truncated /	273 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `953c39b93c46656e2d25a28dd13379498f98e991a78f682c4a42c951bc87a0f2` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers Content-Type image/svg+xml
GET H2	200	hit Show response api.pirsch.io/	0 109 B	393ms 139ms	XHR text/plain	49.13.203.20 HETZNER-AS Hetzne...
General Check archive.org Show headers Download Go to Full URL https://api.pirsch.io/hit?nc=1735582104882&code=7hkd4ktXGZOvLbegoIon6N0Dzp89pudo&url=https%3A%2F%2Fvirustruth.net%2F&t=Home&ref=&w=1600&h=1200 Requested by Host: api.pirsch.io URL: https://api.pirsch.io/pirsch.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 49.13.203.20 Nuremberg, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE), Reverse DNS static.20.203.13.49.clients.your-server.de Software Caddy / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://virustruth.net/ Response headers alt-svc h3=":443"; ma=2592000 access-control-allow-origin * content-length 0 date Mon, 30 Dec 2024 18:08:25 GMT vary Origin server Caddy access-control-allow-credentials true
GET H2	404	favicon.ico virustruth.net/	699 B 569 B	63ms 63ms	Other text/html	208.94.117.174 GRIDFURY-AS
General Check archive.org Show headers Download Go to Full URL https://virustruth.net/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 208.94.117.174 Phoenix, United States, ASN40630 (GRIDFURY-AS, US), Reverse DNS ip-208-94-117-174.sites.nearlyfreespeech.net Software Apache / Resource Hash `b7a4c70a7b462fe1406d671b294cc0773395f5dc3899ddad647b5d97a3a768d6` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://virustruth.net/ Response headers x-robots-tag noindex, nofollow content-encoding gzip etag "2bb-5f40e1547dc3e" via e14s accept-ranges bytes content-length 471 date Mon, 30 Dec 2024 18:08:26 GMT last-modified Mon, 06 Feb 2023 20:43:27 GMT content-type text/html; charset=UTF-8 server Apache vary Accept-Encoding

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| uidEvent object| bootstrap

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://virustruth.net/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.pirsch.io
virustruth.net
208.94.117.174
49.13.203.20
11ad518364a481031e68b0d740ac8b804d9bdf8846e48339bf804a7342853a30
2724376008c738fce7c5b4e9fb9ae5ca2c7e3f337faf6f19b262deddbbcab4bb
43bfcf4c4190a1f91966f83b74b482e66bc48d34325c48f0789b417642f79f99
5c36e28c9a7bd864b673e223db7e1934923227536ffbdf871f58b6f09b9ac8c9
953c39b93c46656e2d25a28dd13379498f98e991a78f682c4a42c951bc87a0f2
b7a4c70a7b462fe1406d671b294cc0773395f5dc3899ddad647b5d97a3a768d6
c99aa42afb5e3685758d2ee5c8c986a59dbce5364cf4607fc27ce8ada8448cda
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f0950d0e32b53e4b4b6da63ba07553589c5da3c2e2ede3a1c918c6982290ac9c
f26fae0ead83ab9ddbd4a07bfd09f70379a4f3f74bb501495a1874c21413cbb9
f542b26c8b6eeb837266a149f86cb217113b5e5eaa022ba754d72169c10cdd6e
f60f23a1f786a2cad70239c0be7e8b9bb1ef3e02adc100d1e013429c5be1d3c2

virustruth.net Open in urlscan Pro 208.94.117.174 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

197 kBTransfer

377 kBSize

0 Cookies

1 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

virustruth.net Open in urlscan Pro
208.94.117.174 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

197 kB
Transfer

377 kB
Size

0
Cookies

11 HTTP transactions
1 data transactions