rootwitch.praveenms.site
95.111.198.224
Public Scan
Submission Tags: phishingrod
Submission: On June 25 via api from DE — Scanned from SG
Summary
TLS certificate: Issued by R3 on June 14th 2023. Valid for: 3 months.
This is the only time rootwitch.praveenms.site was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS (Autonomous System) |
---|---|---|
4 | 95.111.198.224 | 202053 (UPCLOUD) |
4 | 2606:4700::6811:180e | 13335 (CLOUDFLARENET) |
2 | 2404:6800:4003:c02::5f | 15169 (GOOGLE) |
2 | 2404:6800:4017:801::2003 | 15169 (GOOGLE) |
Total: 12 requests, 4 IPs
ASN202053 (UPCLOUD, FI)
PTR: 95-111-198-224.sg-sin1.upcloud.host
rootwitch.praveenms.site
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
4 | cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 263 | 35 KB |
4 | praveenms.site | rootwitch.praveenms.site | 282 KB |
2 | gstatic.com | fonts.gstatic.com | 43 KB |
2 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 80 | 2 KB |
Total: 12 requests, 4 apex domains
Requests | Domain | Requested by |
---|---|---|
4 | cdnjs.cloudflare.com | rootwitch.praveenms.site |
4 | rootwitch.praveenms.site | rootwitch.praveenms.site |
2 | fonts.gstatic.com | fonts.googleapis.com |
2 | fonts.googleapis.com | rootwitch.praveenms.site |
Total: 12 requests, 4 domains
This site contains links to these domains. Also see Links.
Domain |
---|
www.praveenms.site |
mail.google.com |
photogram.praveenms.site |
mycgpa.praveenms.site |
github.com |
grunt.praveenms.site |
www.linkedin.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
mycgpa.selfmade.one | R3 | 2023-06-14 - 2023-09-12 | 3 months |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-08-03 - 2023-08-02 | a year |
upload.video.google.com | GTS CA 1C3 | 2023-05-29 - 2023-08-21 | 3 months |
*.gstatic.com | GTS CA 1C3 | 2023-05-29 - 2023-08-21 | 3 months |
This page contains 1 frame:
Primary Page:
https://rootwitch.praveenms.site/
Frame ID: 1C5E392A983A065BD1B292CC8F04B522
Requests: 12 HTTP requests in this frame
Page Title
Praveen - RootWitch
Detected technologies
particles.js (JavaScript Graphics)
Detected patterns
- <div id="particles-js">
- /particles(?:\.min)?\.js
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
jQuery (JavaScript Libraries)
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
19 Outgoing links
These are links going to different origins than the main page.
Title: Portfolio
Title: Contact Me
Title: 1. Photogram Web App
Title: 2. CGPA/SGPA Calculator
Title: 3. E Commerce Site With MERN
Title: 4. MERN Authentication API
Title: 5. REST API Notes APP
Title: 6. Certificate Generator
Title: 7. Project Architecture using GruntJS
Title: https://grunt.praveenms.site
Title: 8. Chrome Extensions
Title: 1. Password Manager - Python & Node Version
Title: 2. API Based Password Manager Tool
Title: 3. Sockets-Modules
Title: 4. Exploit Tools
Title: 5. Linux OS Modules
Title: 6. MediaData Viewer PYPI Tool
Title: Github
Title: Linked In
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
Method / Protocol | Resource | Path | Size | Transfer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H2 | / (Primary Request) | rootwitch.praveenms.site/ | 13 KB | 4 KB | Document | text/html |
GET H2 | skeleton.min.css | cdnjs.cloudflare.com/ajax/libs/skeleton/2.0.4/ | 6 KB | 2 KB | Stylesheet | text/css |
GET H2 | _style_.css | rootwitch.praveenms.site/css/ | 15 KB | 3 KB | Stylesheet | text/css |
GET H2 | css | fonts.googleapis.com/ | 1 KB | 579 B | Stylesheet | text/css |
GET H2 | css | fonts.googleapis.com/ | 2 KB | 977 B | Stylesheet | text/css |
GET H2 | jquery.min.js | cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/ | 82 KB | 27 KB | Script | application/javascript |
GET H2 | particles.min.js | cdnjs.cloudflare.com/ajax/libs/particles.js/2.0.0/ | 23 KB | 5 KB | Script | application/javascript |
GET H2 | _main_.js | rootwitch.praveenms.site/js/ | 2 KB | 754 B | Script | text/javascript |
GET H2 | skeleton.min.css | cdnjs.cloudflare.com/ajax/libs/skeleton/2.0.4/ | 0 | 2 KB | Other | text/css |
GET H2 | bg.png | rootwitch.praveenms.site/img/ | 275 KB | 275 KB | Image | image/png |
GET H2 | 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVuEorCIPrE.woff2 | fonts.gstatic.com/s/raleway/v28/ | 21 KB | 21 KB | Font | font/woff2 |
GET H2 | w8gdH283Tvk__Lua32TysjIfp8uP.woff2 | fonts.gstatic.com/s/varelaround/v20/ | 21 KB | 21 KB | Font | font/woff2 |
13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
boolean | credentialless |
object | onbeforetoggle |
object | onscrollend |
function | $ |
function | jQuery |
function | hexToRgb |
function | clamp |
function | isInArray |
function | pJS |
function | requestAnimFrame |
function | cancelRequestAnimFrame |
object | pJSDom |
function | particlesJS |
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.