forms.4-skin.net
167.99.202.53
Public Scan
Submission Tags: phishingrod
Submission: On June 09 via api from DE — Scanned from GB
Summary
TLS certificate: Issued by forms.4-skin.net on March 1st 2022. Valid for: a year.
This is the only time forms.4-skin.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | Autonomous System |
---|---|---|
1 | 167.99.202.53 | 14061 (DIGITALOCEAN-ASN) |
7 | 136.244.67.11 | 20473 (AS-CHOOPA) |
14 | 3 | |

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: c05.tmdcloud.london
forms.4-skin.net

ASN20473 (AS-CHOOPA, US)
PTR: 136.244.67.11.vultrusercontent.com
4-skin.net
Requests | Apex Domain / Subdomains | Transfer |
---|---|---|
8 | 4-skin.net (subdomains: forms.4-skin.net, 4-skin.net) | 2 KB |
14 | 1 | |
Requests | Domain | Requested by |
---|---|---|
7 | 4-skin.net | forms.4-skin.net |
1 | forms.4-skin.net | |
14 | 2 | |
This site contains links to these domains. Also see Links.
Domain |
---|
formtools.org |
Subject | Issuer | Validity | Valid |
---|---|---|---|
forms.4-skin.net | forms.4-skin.net | 2022-03-01 - 2023-03-01 | a year |
4-skin.net | R3 | 2023-04-13 - 2023-07-12 | 3 months |
This page contains 1 frame:
Primary Page:
https://forms.4-skin.net/
Frame ID: F93BF6B5AA912A993A0B8AD77D05FB7A
Requests: 14 HTTP requests in this frame
Page Title
Admin Panel
Detected technologies
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery UI (JavaScript Libraries)
Detected patterns
- jquery-ui[.-]([\d.]*\d)[^/]*\.js
- jquery-ui.*\.js
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | forms.4-skin.net/ | 5 KB | 2 KB | Document | text/html |
GET | H2 | main.css | 4-skin.net/forms/global/css/ | 0 | 0 | Stylesheet | text/html |
GET | H2 | styles.css | 4-skin.net/forms/themes/4skin/css/ | 0 | 0 | Stylesheet | text/html |
GET | H2 | jquery-ui-1.8.14.custom.css | 4-skin.net/forms/themes/4skin/css/smoothness/ | 0 | 0 | Stylesheet | text/html |
GET | H2 | jquery.js | 4-skin.net/forms/global/scripts/ | 0 | 0 | Script | text/html |
GET | H2 | jquery-ui-1.8.14.custom.min.js | 4-skin.net/forms/themes/4skin/scripts/ | 0 | 0 | Script | text/html |
GET | H2 | general.js | 4-skin.net/forms/global/scripts/ | 0 | 0 | Script | text/html |
GET | H2 | rsv.js | 4-skin.net/forms/global/scripts/ | 0 | 0 | Script | text/html |
GET | | header_right_shadow.jpg | 4-skin.net/forms/themes/4skin/images/ | 0 | 0 | | |
GET | | header_right.jpg | 4-skin.net/forms/themes/4skin/images/ | 0 | 0 | | |
GET | | header_logo.jpg | 4-skin.net/forms/themes/4skin/images/ | 0 | 0 | | |
GET | | main_right_shadow.jpg | 4-skin.net/forms/themes/4skin/images/ | 0 | 0 | | |
GET | | footer_right.jpg | 4-skin.net/forms/themes/4skin/images/ | 0 | 0 | | |
GET | | footer_left.jpg | 4-skin.net/forms/themes/4skin/images/ | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL |
---|---|
4-skin.net | https://4-skin.net/forms/themes/4skin/images/header_right_shadow.jpg |
4-skin.net | https://4-skin.net/forms/themes/4skin/images/header_right.jpg |
4-skin.net | https://4-skin.net/forms/themes/4skin/images/header_logo.jpg |
4-skin.net | https://4-skin.net/forms/themes/4skin/images/main_right_shadow.jpg |
4-skin.net | https://4-skin.net/forms/themes/4skin/images/footer_right.jpg |
4-skin.net | https://4-skin.net/forms/themes/4skin/images/footer_left.jpg |
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- boolean | credentialless
- object | onbeforetoggle
- object | onscrollend
- object | g
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
forms.4-skin.net/ | | Name: PHPSESSID Value: 6fc80c447fb80a47dac5b6f591e91f43 |
7 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.