whitelightwitch.fivebucks.us
50.116.94.1
Public Scan
Submission Tags: phishingrod
Submission: On March 06 via api from DE — Scanned from US
Summary
TLS certificate: Issued by R3 on January 3rd 2023. Valid for: 3 months.
This is the only time whitelightwitch.fivebucks.us was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 | 50.116.94.1 | 46606 (UNIFIEDLAYER-AS-1) |
23 (9 redirects) | 198.12.217.39 | 398101 (GO-DADDY-COM-LLC) |
1 | 142.250.65.170 | 15169 (GOOGLE) |
16 | 4 |
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 50-116-94-1.unifiedlayer.com
whitelightwitch.fivebucks.us |
ASN398101 (GO-DADDY-COM-LLC, US)
PTR: 39.217.12.198.host.secureserver.net
whitelightwitch.com | |
www.whitelightwitch.com |
ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f10.1e100.net
fonts.googleapis.com |
 | Apex Domain / Subdomains | Transfer |
---|---|---|
23 | whitelightwitch.com (9 redirects): whitelightwitch.com, www.whitelightwitch.com | 20 KB |
1 | googleapis.com: fonts.googleapis.com — Cisco Umbrella Rank: 36 | 1 KB |
1 | fivebucks.us: whitelightwitch.fivebucks.us | 18 KB |
16 | 3 | |
 | Domain | Requested by |
---|---|---|
14 | whitelightwitch.com (9 redirects) | whitelightwitch.fivebucks.us |
9 | www.whitelightwitch.com | whitelightwitch.fivebucks.us |
1 | fonts.googleapis.com | whitelightwitch.fivebucks.us |
1 | whitelightwitch.fivebucks.us | |
16 | 4 | |
This site contains links to these domains. Also see Links.
Domain |
---|
whitelightwitch.com |
wenthemes.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.whitelightwitch.fivebucks.us R3 | 2023-01-03 - 2023-04-03 | 3 months | crt.sh |
upload.video.google.com GTS CA 1C3 | 2023-02-08 - 2023-05-03 | 3 months | crt.sh |
whitelightwitch.com cPanel, Inc. Certification Authority | 2023-01-08 - 2023-04-08 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://whitelightwitch.fivebucks.us/
Frame ID: 5FE3094E77BFDD9DC20887D3983F0DA3
Requests: 17 HTTP requests in this frame
Page Title
White Light Witch
Detected technologies
Detected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
ZURB Foundation
Detected patterns
- <link[^>]+foundation[^>"]+css
Font Awesome
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Font API
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Title: <img width="562" height="326" src="https://whitelightwitch.com/wp-content/uploads/2021/05/wlw-logo-black.jpg" class="custom-logo" alt="White Light Witch" srcset="https://whitelightwitch.com/wp-content/uploads/2021/05/wlw-logo-black.jpg 562w, https://whitelightwitch.com/wp-content/uploads/2021/05/wlw-logo-black-300x174.jpg 300w" sizes="(max-width: 562px) 100vw, 562px" />
Title: About Me
Title: Services
Title: Contact
Title: WEN Themes
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://whitelightwitch.com/wp-content/cache/wpfc-minified/2pvkg3fd/813js.css HTTP 301
- https://www.whitelightwitch.com/wp-content/cache/wpfc-minified/2pvkg3fd/813js.css
- https://whitelightwitch.com/wp-content/cache/wpfc-minified/kxvllu44/813js.css HTTP 301
- https://www.whitelightwitch.com/wp-content/cache/wpfc-minified/kxvllu44/813js.css
- https://whitelightwitch.com/wp-content/cache/wpfc-minified/desyhjxz/813js.css HTTP 301
- https://www.whitelightwitch.com/wp-content/cache/wpfc-minified/desyhjxz/813js.css
- https://whitelightwitch.com/wp-content/cache/wpfc-minified/2p3ghxat/813js.css HTTP 301
- https://www.whitelightwitch.com/wp-content/cache/wpfc-minified/2p3ghxat/813js.css
- https://whitelightwitch.com/wp-content/cache/wpfc-minified/978r46jq/813js.js HTTP 301
- https://www.whitelightwitch.com/wp-content/cache/wpfc-minified/978r46jq/813js.js
- https://whitelightwitch.com/wp-content/cache/wpfc-minified/g4e57e8y/813js.css HTTP 301
- https://www.whitelightwitch.com/wp-content/cache/wpfc-minified/g4e57e8y/813js.css
- https://whitelightwitch.com/wp-content/themes/signify/js/skip-link-focus-fix.min.js?ver=201800703 HTTP 301
- https://www.whitelightwitch.com/wp-content/themes/signify/js/skip-link-focus-fix.min.js?ver=201800703
- https://whitelightwitch.com/wp-content/themes/signify/js/functions.min.js?ver=201800703 HTTP 301
- https://www.whitelightwitch.com/wp-content/themes/signify/js/functions.min.js?ver=201800703
- https://whitelightwitch.com/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.9.11 HTTP 301
- https://www.whitelightwitch.com/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.9.11
16 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H2 | whitelightwitch.fivebucks.us/ (Primary Request) | 89 KB 18 KB | Document text/html |
GET H2 | www.whitelightwitch.com/wp-content/cache/wpfc-minified/2pvkg3fd/813js.css (Redirect Chain) | 0 0 | Stylesheet text/html |
GET H2 | www.whitelightwitch.com/wp-content/cache/wpfc-minified/kxvllu44/813js.css (Redirect Chain) | 0 0 | Stylesheet text/html |
GET H2 | www.whitelightwitch.com/wp-content/cache/wpfc-minified/desyhjxz/813js.css (Redirect Chain) | 0 0 | Stylesheet text/html |
GET H2 | fonts.googleapis.com/css | 4 KB 1 KB | Stylesheet text/css |
GET H2 | www.whitelightwitch.com/wp-content/cache/wpfc-minified/2p3ghxat/813js.css (Redirect Chain) | 0 0 | Stylesheet text/html |
GET H2 | www.whitelightwitch.com/wp-content/cache/wpfc-minified/978r46jq/813js.js (Redirect Chain) | 0 0 | Script text/html |
GET H2 | www.whitelightwitch.com/wp-content/cache/wpfc-minified/g4e57e8y/813js.css (Redirect Chain) | 0 0 | Stylesheet text/html |
GET H2 | whitelightwitch.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js | 6 KB 2 KB | Script application/javascript |
GET H2 | whitelightwitch.com/wp-includes/js/dist/vendor/wp-polyfill.min.js | 17 KB 6 KB | Script application/javascript |
GET H2 | whitelightwitch.com/wp-content/plugins/contact-form-7/includes/js/index.js | 12 KB 4 KB | Script application/javascript |
GET H2 | www.whitelightwitch.com/wp-content/themes/signify/js/skip-link-focus-fix.min.js (Redirect Chain) | 0 0 | Script text/html |
GET H2 | www.whitelightwitch.com/wp-content/themes/signify/js/functions.min.js (Redirect Chain) | 0 0 | Script text/html |
GET H2 | whitelightwitch.com/wp-content/plugins/visual-footer-credit-remover/script.js | 140 B 170 B | Script application/javascript |
GET H2 | www.whitelightwitch.com/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js (Redirect Chain) | 0 0 | Script text/html |
GET H2 | whitelightwitch.com/wp-content/plugins/ml-slider/assets/sliders/flexslider/jquery.flexslider.min.js | 23 KB 6 KB | Script application/javascript |
GET DATA | truncated / | 37 B 0 | Image image/gif |
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- boolean | credentialless
- object | jabvfcr
- object | runtime
- object | regeneratorRuntime
- function | setImmediate
- function | clearImmediate
- object | wpcf7
- object | signifyOptions
- function | metaslider_213
- function | timer_metaslider_213

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
9 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.