Submitted URL: http://emailszip.com/
Effective URL: https://www.neomails.com/horde/login.php
Submission Tags: @phish_report
Submission: On November 21 via api from FI — Scanned from AU

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 14 HTTP transactions. The main IP is 178.32.97.179, located in France and belongs to OVH OVH SAS, FR. The main domain is www.neomails.com.
TLS certificate: Issued by R10 on November 18th 2024. Valid for: 3 months.
This is the only time www.neomails.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 16 178.32.97.179 16276 (OVH OVH SAS)
14 1
Apex Domain
Subdomains
Transfer
15 neomails.com
www.neomails.com
225 KB
1 emailszip.com
emailszip.com
256 B
14 2
Domain Requested by
15 www.neomails.com 1 redirects www.neomails.com
1 emailszip.com 1 redirects
14 2

This site contains no links.

Subject Issuer Validity Valid
neomails.com
R10
2024-11-18 -
2025-02-16
3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.neomails.com/horde/login.php
Frame ID: 9656AA9C46935049BA9EFFBB7B5673D4
Requests: 14 HTTP requests in this frame

Screenshot

Page Title

Horde :: Log in

Page URL History Show full URLs

  1. http://emailszip.com/ HTTP 307
    https://emailszip.com/ HTTP 302
    https://www.neomails.com/horde/ HTTP 302
    https://www.neomails.com/horde/login.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • jquery[.-]mobile(?:-([\d.]))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

224 kB
Transfer

797 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://emailszip.com/ HTTP 307
    https://emailszip.com/ HTTP 302
    https://www.neomails.com/horde/ HTTP 302
    https://www.neomails.com/horde/login.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login.php
www.neomails.com/horde/
Redirect Chain
  • http://emailszip.com/
  • https://emailszip.com/
  • https://www.neomails.com/horde/
  • https://www.neomails.com/horde/login.php
7 KB
3 KB
Document
General
Full URL
https://www.neomails.com/horde/login.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.32.97.179 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip179.ip-178-32-97.eu
Software
Apache/2.4.62 (Debian) /
Resource Hash
09c07fcf27ec9dbb4607a2a0e2b9e120039e28e7d1e60e2b970c0f317b03cca3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 21 Nov 2024 21:14:11 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=99
Pragma
no-cache
Server
Apache/2.4.62 (Debian)
Transfer-Encoding
chunked
Vary
Accept-Language,Accept-Encoding

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
20
Content-Type
text/html; charset=UTF-8
Date
Thu, 21 Nov 2024 21:14:10 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Location
https://www.neomails.com/horde/login.php
Pragma
no-cache
Server
Apache/2.4.62 (Debian)
Vary
Accept-Encoding
jquery.mobile.min.css
www.neomails.com/horde/js/jquery.mobile/
133 KB
19 KB
Stylesheet
General
Full URL
https://www.neomails.com/horde/js/jquery.mobile/jquery.mobile.min.css
Requested by
Host: www.neomails.com
URL: https://www.neomails.com/horde/login.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.32.97.179 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip179.ip-178-32-97.eu
Software
Apache/2.4.62 (Debian) /
Resource Hash
ee021aeb6874962a6e6ce57f33d2aa224a3983eda235f8b74084471c92b72ab4

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.neomails.com/horde/login.php

Response headers

Content-Encoding
gzip
ETag
"214ed-5af07d2a1bc40-gzip"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
19509
Keep-Alive
timeout=5, max=98
Date
Thu, 21 Nov 2024 21:14:11 GMT
Last-Modified
Fri, 11 Sep 2020 11:16:57 GMT
Vary
Accept-Encoding
Server
Apache/2.4.62 (Debian)
Content-Type
text/css
screen.css
www.neomails.com/horde/themes/default/smartmobile/
2 KB
1 KB
Stylesheet
General
Full URL
https://www.neomails.com/horde/themes/default/smartmobile/screen.css
Requested by
Host: www.neomails.com
URL: https://www.neomails.com/horde/login.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.32.97.179 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip179.ip-178-32-97.eu
Software
Apache/2.4.62 (Debian) /
Resource Hash
fbf6b0ba99b57fb374fe6347bf3f571a3c5510bdcdf54f51083fcc30fe585a2f

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.neomails.com/horde/login.php

Response headers

Content-Encoding
gzip
ETag
"8c2-5a9dfa1dd7680-gzip"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
834
Keep-Alive
timeout=5, max=100
Date
Thu, 21 Nov 2024 21:14:12 GMT
Last-Modified
Tue, 07 Jul 2020 20:14:02 GMT
Vary
Accept-Encoding
Server
Apache/2.4.62 (Debian)
Content-Type
text/css
jquery.min.js
www.neomails.com/horde/js/jquery.mobile/
278 KB
83 KB
Script
General
Full URL
https://www.neomails.com/horde/js/jquery.mobile/jquery.min.js?v=29a470be3053bf6de73a73bcbf83a243
Requested by
Host: www.neomails.com
URL: https://www.neomails.com/horde/login.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.32.97.179 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip179.ip-178-32-97.eu
Software
Apache/2.4.62 (Debian) /
Resource Hash
58c27035b7a2e589df397e5d7e05424b90b8c1aaaf73eff47d5ed6daecb70f25

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.neomails.com/horde/login.php

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
"45618-5af07d2a1bc40-gzip"
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Date
Thu, 21 Nov 2024 21:14:12 GMT
Last-Modified
Fri, 11 Sep 2020 11:16:57 GMT
Vary
Accept-Encoding
Server
Apache/2.4.62 (Debian)
Content-Type
application/javascript
growler-jquery.js
www.neomails.com/horde/js/
2 KB
1 KB
Script
General
Full URL
https://www.neomails.com/horde/js/growler-jquery.js?v=29a470be3053bf6de73a73bcbf83a243
Requested by
Host: www.neomails.com
URL: https://www.neomails.com/horde/login.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.32.97.179 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip179.ip-178-32-97.eu
Software
Apache/2.4.62 (Debian) /
Resource Hash
3f52c1bd1f850b91e46e21bd11a5e9897d8caa72dddf8af4fa634a4e17f3e342

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.neomails.com/horde/login.php

Response headers

Content-Encoding
gzip
ETag
"9a8-5af07d2a1bc40-gzip"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
958
Keep-Alive
timeout=5, max=97
Date
Thu, 21 Nov 2024 21:14:11 GMT
Last-Modified
Fri, 11 Sep 2020 11:16:57 GMT
Vary
Accept-Encoding
Server
Apache/2.4.62 (Debian)
Content-Type
application/javascript
horde-jquery.js
www.neomails.com/horde/js/
3 KB
1 KB
Script
General
Full URL
https://www.neomails.com/horde/js/horde-jquery.js?v=29a470be3053bf6de73a73bcbf83a243
Requested by
Host: www.neomails.com
URL: https://www.neomails.com/horde/login.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.32.97.179 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip179.ip-178-32-97.eu
Software
Apache/2.4.62 (Debian) /
Resource Hash
a5f37a130f6b31060b9a92941c54535813c4fa78edcfe6e17f5f3eded7e579cf

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.neomails.com/horde/login.php

Response headers

Content-Encoding
gzip
ETag
"b7a-5af07d2a1bc40-gzip"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1082
Keep-Alive
timeout=5, max=100
Date
Thu, 21 Nov 2024 21:14:11 GMT
Last-Modified
Fri, 11 Sep 2020 11:16:57 GMT
Vary
Accept-Encoding
Server
Apache/2.4.62 (Debian)
Content-Type
application/javascript
smartmobile.js
www.neomails.com/horde/js/
9 KB
3 KB
Script
General
Full URL
https://www.neomails.com/horde/js/smartmobile.js?v=29a470be3053bf6de73a73bcbf83a243
Requested by
Host: www.neomails.com
URL: https://www.neomails.com/horde/login.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.32.97.179 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip179.ip-178-32-97.eu
Software
Apache/2.4.62 (Debian) /
Resource Hash
894c15b2501e1803fe495b58771687acb3acaf168ee81f5391466cf7667fae7f

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.neomails.com/horde/login.php

Response headers

Content-Encoding
gzip
ETag
"25b7-5af07d2a1bc40-gzip"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3022
Keep-Alive
timeout=5, max=100
Date
Thu, 21 Nov 2024 21:14:12 GMT
Last-Modified
Fri, 11 Sep 2020 11:16:57 GMT
Vary
Accept-Encoding
Server
Apache/2.4.62 (Debian)
Content-Type
application/javascript
horde-jquery-init.js
www.neomails.com/horde/js/
334 B
578 B
Script
General
Full URL
https://www.neomails.com/horde/js/horde-jquery-init.js?v=29a470be3053bf6de73a73bcbf83a243
Requested by
Host: www.neomails.com
URL: https://www.neomails.com/horde/login.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.32.97.179 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip179.ip-178-32-97.eu
Software
Apache/2.4.62 (Debian) /
Resource Hash
5224c3619ac32151ee49b0a98a7e0441a2d42684c0857bccced517dbe868db7b

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.neomails.com/horde/login.php

Response headers

Content-Encoding
gzip
ETag
"14e-5af07d2a1bc40-gzip"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
228
Keep-Alive
timeout=5, max=100
Date
Thu, 21 Nov 2024 21:14:12 GMT
Last-Modified
Fri, 11 Sep 2020 11:16:57 GMT
Vary
Accept-Encoding
Server
Apache/2.4.62 (Debian)
Content-Type
application/javascript
jquery.mobile.min.js
www.neomails.com/horde/js/jquery.mobile/
351 KB
98 KB
Script
General
Full URL
https://www.neomails.com/horde/js/jquery.mobile/jquery.mobile.min.js?v=29a470be3053bf6de73a73bcbf83a243
Requested by
Host: www.neomails.com
URL: https://www.neomails.com/horde/login.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.32.97.179 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip179.ip-178-32-97.eu
Software
Apache/2.4.62 (Debian) /
Resource Hash
e4c5b2e42463aad06cb753d03cbeb8be77a0a4e94969ad2d0c25c93be19803b2

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.neomails.com/horde/login.php

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
"57ac9-5af07d2a1bc40-gzip"
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Date
Thu, 21 Nov 2024 21:14:12 GMT
Last-Modified
Fri, 11 Sep 2020 11:16:57 GMT
Vary
Accept-Encoding
Server
Apache/2.4.62 (Debian)
Content-Type
application/javascript
smartmobile-login.js
www.neomails.com/horde/js/
1 KB
911 B
Script
General
Full URL
https://www.neomails.com/horde/js/smartmobile-login.js?v=29a470be3053bf6de73a73bcbf83a243
Requested by
Host: www.neomails.com
URL: https://www.neomails.com/horde/login.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.32.97.179 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip179.ip-178-32-97.eu
Software
Apache/2.4.62 (Debian) /
Resource Hash
be0ecbb0ebffa24dd9b82475174100d41d4558f14be70190c1e619d207fce9c2

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.neomails.com/horde/login.php

Response headers

Content-Encoding
gzip
ETag
"4a2-5a9dfa1dd7680-gzip"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
562
Keep-Alive
timeout=5, max=99
Date
Thu, 21 Nov 2024 21:14:12 GMT
Last-Modified
Tue, 07 Jul 2020 20:14:02 GMT
Vary
Accept-Encoding
Server
Apache/2.4.62 (Debian)
Content-Type
application/javascript
horde-power1.png
www.neomails.com/horde/themes/default/graphics/
2 KB
2 KB
Image
General
Full URL
https://www.neomails.com/horde/themes/default/graphics/horde-power1.png
Requested by
Host: www.neomails.com
URL: https://www.neomails.com/horde/login.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.32.97.179 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip179.ip-178-32-97.eu
Software
Apache/2.4.62 (Debian) /
Resource Hash
e29ea99440ec2b111b937c92a4a9750a16b91504a47f2d9c45c4ae514da420c9

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.neomails.com/horde/login.php

Response headers

ETag
"8d2-5a9dfa1dd7680"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2258
Keep-Alive
timeout=5, max=99
Date
Thu, 21 Nov 2024 21:14:12 GMT
Last-Modified
Tue, 07 Jul 2020 20:14:02 GMT
Content-Type
image/png
Server
Apache/2.4.62 (Debian)
ajax-loader.gif
www.neomails.com/horde/js/jquery.mobile/images/
6 KB
6 KB
Image
General
Full URL
https://www.neomails.com/horde/js/jquery.mobile/images/ajax-loader.gif
Requested by
Host: www.neomails.com
URL: https://www.neomails.com/horde/js/jquery.mobile/jquery.mobile.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.32.97.179 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip179.ip-178-32-97.eu
Software
Apache/2.4.62 (Debian) /
Resource Hash
788f7c1c1e1ce76fec76c866523d79bb7090756e9cad67cb6efc4cfd7bedd47b

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.neomails.com/horde/js/jquery.mobile/jquery.mobile.min.css

Response headers

ETag
"1863-5af07d2a1bc40"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
6243
Keep-Alive
timeout=5, max=99
Date
Thu, 21 Nov 2024 21:14:13 GMT
Last-Modified
Fri, 11 Sep 2020 11:16:57 GMT
Content-Type
image/gif
Server
Apache/2.4.62 (Debian)
icons-18-white.png
www.neomails.com/horde/js/jquery.mobile/images/
2 KB
2 KB
Image
General
Full URL
https://www.neomails.com/horde/js/jquery.mobile/images/icons-18-white.png
Requested by
Host: www.neomails.com
URL: https://www.neomails.com/horde/js/jquery.mobile/jquery.mobile.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.32.97.179 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip179.ip-178-32-97.eu
Software
Apache/2.4.62 (Debian) /
Resource Hash
ecb3d8c0c01cc69e2ff1517cbdcbea1a79976034b09e4354549491adbd18c33a

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.neomails.com/horde/js/jquery.mobile/jquery.mobile.min.css

Response headers

ETag
"6f7-5af07d2a1bc40"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1783
Keep-Alive
timeout=5, max=95
Date
Thu, 21 Nov 2024 21:14:13 GMT
Last-Modified
Fri, 11 Sep 2020 11:16:57 GMT
Content-Type
image/png
Server
Apache/2.4.62 (Debian)
favicon.ico
www.neomails.com/horde/themes/default/graphics/
918 B
1 KB
Other
General
Full URL
https://www.neomails.com/horde/themes/default/graphics/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.32.97.179 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip179.ip-178-32-97.eu
Software
Apache/2.4.62 (Debian) /
Resource Hash
1d2369a3986f4a0f1853c0e700a45e42e2d5901f8b1f6219005ec6e94e7f7b55

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.neomails.com/horde/login.php

Response headers

ETag
"396-5a9dfa1dd7680"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
918
Keep-Alive
timeout=5, max=94
Date
Thu, 21 Nov 2024 21:14:13 GMT
Last-Modified
Tue, 07 Jul 2020 20:14:02 GMT
Content-Type
image/vnd.microsoft.icon
Server
Apache/2.4.62 (Debian)

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| horde_jquerymobile_init function| $ function| jQuery object| HordeJquery object| HordeMobile object| jQuery1112011794186190329592 object| HordeLogin

2 Cookies

Domain/Path Name / Value
.www.neomails.com/ Name: Horde
Value: k8efff5prj0ppfsd5ogtm758u4
.www.neomails.com/ Name: horde_secret_key
Value: k8efff5prj0ppfsd5ogtm758u4

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://www.neomails.com/horde/login.php
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o