mail.md-skin.com
2606:4700::6812:4aa7
Public Scan
Submission Tags: phishingrod
Submission: On April 08 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 8th 2023. Valid for: a year.
This is the only time mail.md-skin.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
15 | 2606:4700::6812:4aa7 | 13335 (CLOUDFLARENET) |
15 | 1 | |
 | Apex Domain / Subdomains | Transfer |
---|---|---|
15 | md-skin.com (mail.md-skin.com) | 321 KB |
15 | 1 | |
 | Domain | Requested by |
---|---|---|
15 | mail.md-skin.com | mail.md-skin.com |
15 | 1 | |
This site contains no links.
Subject / Issuer | Validity | Valid |
---|---|---|
mail.md-skin.com / Cloudflare Inc ECC CA-3 | 2023-04-08 - 2024-04-07 | a year |
This page contains 2 frames:
Primary Page:
https://mail.md-skin.com/
Frame ID: F6B47DF8F2B721D1CA158E2AF8A6DC50
Requests: 14 HTTP requests in this frame
Frame:
https://mail.md-skin.com/skins/elastic/webmail-logo.svg
Frame ID: 3B0596DC29002B524E072E33FB97F83C
Requests: 1 HTTP requests in this frame
Page Title
Webmail :: Willkommen bei Webmail (Webmail :: Welcome to Webmail)
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery UI (JavaScript Libraries)
Detected patterns
- jquery-ui.*\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | mail.md-skin.com/ | 10 KB | 4 KB | Document | text/html |
GET | H2 | bootstrap.min.css | mail.md-skin.com/skins/elastic/deps/ | 158 KB | 24 KB | Stylesheet | text/css |
GET | H2 | login.css | mail.md-skin.com/plugins/skins/ | 4 KB | 1 KB | Stylesheet | text/css |
GET | H2 | styles.2.css | mail.md-skin.com/brands/049/1/ | 311 KB | 54 KB | Stylesheet | text/css |
GET | H2 | jquery-ui.min.css | mail.md-skin.com/plugins/jqueryui/themes/elastic/ | 29 KB | 7 KB | Stylesheet | text/css |
GET | H2 | jquery.min.js | mail.md-skin.com/program/js/ | 89 KB | 31 KB | Script | application/javascript |
GET | H2 | common.js | mail.md-skin.com/program/js/ | 23 KB | 8 KB | Script | application/javascript |
GET | H2 | app.js | mail.md-skin.com/program/js/ | 312 KB | 77 KB | Script | application/javascript |
GET | H2 | jstz.min.js | mail.md-skin.com/program/js/ | 14 KB | 5 KB | Script | application/javascript |
GET | H2 | punycode.js | mail.md-skin.com/plugins/skins/ | 14 KB | 5 KB | Script | application/javascript |
GET | H2 | ui.js | mail.md-skin.com/skins/elastic/ | 142 KB | 34 KB | Script | application/javascript |
GET | H2 | jquery-ui.min.js | mail.md-skin.com/plugins/jqueryui/js/ | 256 KB | 69 KB | Script | application/javascript |
GET | H2 | datepicker-de.js | mail.md-skin.com/plugins/jqueryui/js/i18n/ | 1 KB | 710 B | Script | application/javascript |
GET | H2 | email-decode.min.js | mail.md-skin.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ | 1 KB | 848 B | Script | application/javascript |
GET | H2 | webmail-logo.svg | mail.md-skin.com/skins/elastic/ (Frame 3B05) | 3 KB | 1 KB | Document | image/svg+xml |
39 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- boolean| credentialless
- function| exit_preview
- function| preview_checkbox
- function| preview_force
- function| check_realm
- function| hostname_from_location
- function| update_example
- function| test_checkboxes
- function| isMobile
- function| $
- function| jQuery
- number| CONTROL_KEY
- number| SHIFT_KEY
- number| CONTROL_SHIFT_KEY
- function| roundcube_browser
- object| rcube_event
- function| rcube_event_engine
- function| rcube_check_email
- function| rcube_clone_object
- function| urlencode
- function| rcube_find_object
- function| rcube_mouse_is_over
- function| setCookie
- function| getCookie
- object| bw
- function| rcube_parse_query
- object| Base64
- object| pattern
- function| rcube_webmail
- object| jstz
- object| punycode
- object| rcmail
- function| rcube_elastic_ui
- object| UI
- undefined| __newInst
- function| fixTextBox
- string| tz_name
- string| tz2

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
mail.md-skin.com/ | | Name: roundcube_sessid Value: 1262e650787707eb81763c552cdb6fcf |
mail.md-skin.com/ | | Name: Q7tx-jncgzrLAA1Q6keos3yQTPMZ Value: v1jtbmgwSDYzV |
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
X-Frame-Options | sameorigin |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
mail.md-skin.com
2606:4700::6812:4aa7