urlscan.io logo urlscan.io
SecurityTrails logo

login-mail-zi.omantle.com Open in urlscan Pro
172.67.129.98  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://67zygkhbb.cc.rs6.net/tn.jsp?f=001FMpLsqH_Me-87uE21KPjsxzLQeH6xheEmTNeM7bEg3LegDpISfa8lFWbuLuGesZ-YIqEKxxC1TN8S8bvzZdB...
Effective URL: https://login-mail-zi.omantle.com/.zim./.o9./
Submission: On July 26 via manual from PL — Scanned from PL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 5 domains to perform 6 HTTP transactions. The main IP is 172.67.129.98, located in United States and belongs to CLOUDFLARENET, US. The main domain is login-mail-zi.omantle.com.
TLS certificate: Issued by WE1 on July 6th 2024. Valid for: 3 months.
This is the only time login-mail-zi.omantle.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 208.75.122.11 40444 (ASN-CC)
1 172.67.140.77 13335 (CLOUDFLAR...)
1 172.67.129.98 13335 (CLOUDFLAR...)
3 97.107.80.9 13728 (DPCOM-ASN...)
1 151.101.66.137 54113 (FASTLY)
6 4
1    208.75.122.11 (United States)

ASN40444 (ASN-CC, US)
PTR: rs6.net
67zygkhbb.cc.rs6.net
1    172.67.140.77 (United States)

ASN13335 (CLOUDFLARENET, US)
jbmgroupe.com
1    172.67.129.98 (United States)

ASN13335 (CLOUDFLARENET, US)
login-mail-zi.omantle.com
3    97.107.80.9 (Blissfield, United States)

ASN13728 (DPCOM-ASN05222010, US)
PTR: mail.tc3net.com
mail.tc3net.com
1    151.101.66.137 (San Francisco, United States)

ASN54113 (FASTLY, US)
code.jquery.com
Apex Domain
Subdomains		 Transfer
3 tc3net.com
mail.tc3net.com
17 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 1211
30 KB
1 omantle.com
login-mail-zi.omantle.com
6 KB
1 jbmgroupe.com
jbmgroupe.com
552 B
1 rs6.net
67zygkhbb.cc.rs6.net
631 B
6 5
Domain Requested by
3 mail.tc3net.com login-mail-zi.omantle.com
mail.tc3net.com
1 code.jquery.com login-mail-zi.omantle.com
1 login-mail-zi.omantle.com jbmgroupe.com
1 jbmgroupe.com
1 67zygkhbb.cc.rs6.net 1 redirects
6 5

This site contains links to these domains. Also see Links.

Domain
www.zimbra.com
blog.zimbra.com
wiki.zimbra.com
Subject Issuer Validity Valid
jbmgroupe.com
WE1		 2024-07-06 -
2024-10-04		 3 months crt.sh
omantle.com
WE1		 2024-07-06 -
2024-10-04		 3 months crt.sh
mail.tc3net.com
R10		 2024-07-01 -
2024-09-29		 3 months crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA		 2024-06-25 -
2025-06-25		 a year crt.sh

This page contains 1 frames:

Primary Page: https://login-mail-zi.omantle.com/.zim./.o9./
Frame ID: C95AF3BB256F45C0E694A4693E656775
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Zimbra Web Client Sign In

Page URL History Show full URLs

  1. https://67zygkhbb.cc.rs6.net/tn.jsp?f=001FMpLsqH_Me-87uE21KPjsxzLQeH6xheEmTNeM7bEg3LegDpISfa8lFWbuLuGesZ-... HTTP 302
    https://jbmgroupe.com//.zr./.r9./rZ1B7odW4Lmymi536313732373437353732326537613634373536653666373737... Page URL
  2. https://login-mail-zi.omantle.com/.zim./.o9./ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

6
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

4
IPs

1
Countries

53 kB
Transfer

168 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://67zygkhbb.cc.rs6.net/tn.jsp?f=001FMpLsqH_Me-87uE21KPjsxzLQeH6xheEmTNeM7bEg3LegDpISfa8lFWbuLuGesZ-YIqEKxxC1TN8S8bvzZdBuK1RriXWrnfv685A_IPLwylggdF1A50ptvkmVXMT6FyoMWTD2dsYi1RrlJEp1Vv7rA==&c=vrvNTB_Vm-Pps9I0t7EvHDSx2TtjI8PYomdzs1y-mTktdOqxLVsUZQ==&ch=yCiBFfAgOIdJVjt2jrmJwOVZHmgdW0IIGFQok-lQ15kulb6jMIkcYQ==&__=/.zr./.r9./rZ1B7odW4Lmymi53631373237343735373232653761363437353665366637373733366236393430363537373734326537303663/01100001011100100111010001110101011100100010111001111010011001000111010101101110011011110111011101110011011010110110100101000000011001010111011101110100001011100111000001101100 HTTP 302
    https://jbmgroupe.com//.zr./.r9./rZ1B7odW4Lmymi53631373237343735373232653761363437353665366637373733366236393430363537373734326537303663/01100001011100100111010001110101011100100010111001111010011001000111010101101110011011110111011101110011011010110110100101000000011001010111011101110100001011100111000001101100 Page URL
  2. https://login-mail-zi.omantle.com/.zim./.o9./ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://67zygkhbb.cc.rs6.net/tn.jsp?f=001FMpLsqH_Me-87uE21KPjsxzLQeH6xheEmTNeM7bEg3LegDpISfa8lFWbuLuGesZ-YIqEKxxC1TN8S8bvzZdBuK1RriXWrnfv685A_IPLwylggdF1A50ptvkmVXMT6FyoMWTD2dsYi1RrlJEp1Vv7rA==&c=vrvNTB_Vm-Pps9I0t7EvHDSx2TtjI8PYomdzs1y-mTktdOqxLVsUZQ==&ch=yCiBFfAgOIdJVjt2jrmJwOVZHmgdW0IIGFQok-lQ15kulb6jMIkcYQ==&__=/.zr./.r9./rZ1B7odW4Lmymi53631373237343735373232653761363437353665366637373733366236393430363537373734326537303663/01100001011100100111010001110101011100100010111001111010011001000111010101101110011011110111011101110011011010110110100101000000011001010111011101110100001011100111000001101100 HTTP 302
  • https://jbmgroupe.com//.zr./.r9./rZ1B7odW4Lmymi53631373237343735373232653761363437353665366637373733366236393430363537373734326537303663/01100001011100100111010001110101011100100010111001111010011001000111010101101110011011110111011101110011011010110110100101000000011001010111011101110100001011100111000001101100

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
01100001011100100111010001110101011100100010111001111010011001000111010101101110011011110111011101110011011010110110100101000000011001010111011101110100001011100111000001101100
jbmgroupe.com//.zr./.r9./rZ1B7odW4Lmymi53631373237343735373232653761363437353665366637373733366236393430363537373734326537303663/
Redirect Chain
  • https://67zygkhbb.cc.rs6.net/tn.jsp?f=001FMpLsqH_Me-87uE21KPjsxzLQeH6xheEmTNeM7bEg3LegDpISfa8lFWbuLuGesZ-YIqEKxxC1TN8S8bvzZdBuK1RriXWrnfv685A_IPLwylggdF1A50ptvkmVXMT6FyoMWTD2dsYi1RrlJEp1Vv7rA==&c=v...
  • https://jbmgroupe.com//.zr./.r9./rZ1B7odW4Lmymi53631373237343735373232653761363437353665366637373733366236393430363537373734326537303663/011000010111001001110100011101010111001000101110011110100110...
134 B
552 B 		Document
General
Check archive.org
Download Go to
Full URL
https://jbmgroupe.com//.zr./.r9./rZ1B7odW4Lmymi53631373237343735373232653761363437353665366637373733366236393430363537373734326537303663/01100001011100100111010001110101011100100010111001111010011001000111010101101110011011110111011101110011011010110110100101000000011001010111011101110100001011100111000001101100
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.21
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8a94a202ab88c3ef-WAW
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 26 Jul 2024 13:10:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8bt6rDPuaR9g%2FJbHJpvn5jEE9UdbgXVHFt4eGN3%2BaW%2Fh5GMUQa5F3wjyXtYlpwKe6V39v4WyDTruhk17aR58bVEJ3oicCsN0qpMRCKXiOvxCA01PlbxBebEQoCgVsmn0"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.2.21

Redirect headers

Cache-Control
private, no-cache, no-store, max-age=0, must-revalidate, no-cache="Set-Cookie"
Connection
close
Content-Length
0
Content-Type
text/html;charset=ISO-8859-1
Date
Fri, 26 Jul 2024 13:10:57 GMT
Location
https://jbmgroupe.com//.zr./.r9./rZ1B7odW4Lmymi53631373237343735373232653761363437353665366637373733366236393430363537373734326537303663/01100001011100100111010001110101011100100010111001111010011001000111010101101110011011110111011101110011011010110110100101000000011001010111011101110100001011100111000001101100
P3P
CP="CAO DSP TAIa OUR NOR UNI"
Pragma
no-cache
Server
Apache
Primary Request /
login-mail-zi.omantle.com/.zim./.o9./ 		21 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login-mail-zi.omantle.com/.zim./.o9./
Requested by
Host: jbmgroupe.com
URL: https://jbmgroupe.com//.zr./.r9./rZ1B7odW4Lmymi53631373237343735373232653761363437353665366637373733366236393430363537373734326537303663/01100001011100100111010001110101011100100010111001111010011001000111010101101110011011110111011101110011011010110110100101000000011001010111011101110100001011100111000001101100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.129.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4352838607248033239bed3d01313dafba0c111bab3b092f1a436e16ccc724a6

Request headers

Referer
https://jbmgroupe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8a94a206f8fbc3c3-WAW
content-encoding
br
content-type
text/html
date
Fri, 26 Jul 2024 13:10:58 GMT
last-modified
Fri, 26 Jul 2024 11:23:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lBwrPcUGJJVOq6vuRt0MDQHJPAHChYAdVMbKl6O%2FMtEPxmEVfnV16IavhDiaIBO3RXv%2FZR1lN7dJi5jtts3P7CL%2Fjepfx%2FFUOO6m8B51xtVth1%2Bh%2FKbtwXAbfwz5jdEq3663DZLHVYuApcEr"}],"group":"cf-nel","max_age":604800}
server
cloudflare
common,login,zhtml,skin.css
mail.tc3net.com/css/ 		58 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mail.tc3net.com/css/common,login,zhtml,skin.css?skin=harmony&v=170531154501
Requested by
Host: login-mail-zi.omantle.com
URL: https://login-mail-zi.omantle.com/.zim./.o9./
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
97.107.80.9 Blissfield, United States, ASN13728 (DPCOM-ASN05222010, US),
Reverse DNS
mail.tc3net.com
Software
Apache/2.4.6 (CentOS) /
Resource Hash
3b36eae37bdba9fe6e03f97078d283cd611bfc4585ec755d12572511e2ca8e31
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://login-mail-zi.omantle.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Fri, 26 Jul 2024 13:10:59 GMT
Content-Encoding
gzip
Server
Apache/2.4.6 (CentOS)
X-Frame-Options
SAMEORIGIN
Vary
User-Agent,Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Cache-Control
public, max-age=2595600
Connection
close
Expires
Sun, 25 Aug 2024 14:10:59 GMT
jquery-3.1.1.min.js
code.jquery.com/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.1.1.min.js
Requested by
Host: login-mail-zi.omantle.com
URL: https://login-mail-zi.omantle.com/.zim./.o9./
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

Referer
https://login-mail-zi.omantle.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 13:10:59 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
5729103
x-cache
HIT, HIT
content-length
30070
x-served-by
cache-lga21947-LGA, cache-fra-eddf8230063-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1721999459.109598,VS0,VE0
etag
W/"28feccc0-152b5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
93, 33748
LoginBanner_white.png
mail.tc3net.com/skins/_base/logos/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mail.tc3net.com/skins/_base/logos/LoginBanner_white.png?v=170531154502
Requested by
Host: mail.tc3net.com
URL: https://mail.tc3net.com/css/common,login,zhtml,skin.css?skin=harmony&v=170531154501
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
97.107.80.9 Blissfield, United States, ASN13728 (DPCOM-ASN05222010, US),
Reverse DNS
mail.tc3net.com
Software
Apache/2.4.6 (CentOS) /
Resource Hash
8db258b55ceabeb5c9c8bf41f59a2743c579cfcee58c34cacc945ad9c01d6ef1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://mail.tc3net.com/css/common,login,zhtml,skin.css?skin=harmony&v=170531154501
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Fri, 26 Jul 2024 13:10:59 GMT
Last-Modified
Wed, 31 May 2017 19:41:16 GMT
Server
Apache/2.4.6 (CentOS)
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
public, max-age=2595600
Connection
close
Accept-Ranges
bytes
Content-Length
3299
Expires
Sun, 25 Aug 2024 14:10:59 GMT
favicon.ico
mail.tc3net.com/img/logo/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://mail.tc3net.com/img/logo/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
97.107.80.9 Blissfield, United States, ASN13728 (DPCOM-ASN05222010, US),
Reverse DNS
mail.tc3net.com
Software
Apache/2.4.6 (CentOS) /
Resource Hash
1afd891aacc433e75265e3ddc9cb4fc63b88259977811384426c535037711637
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://login-mail-zi.omantle.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Fri, 26 Jul 2024 13:11:00 GMT
Last-Modified
Wed, 31 May 2017 19:41:16 GMT
Server
Apache/2.4.6 (CentOS)
X-Frame-Options
SAMEORIGIN
Content-Type
image/x-icon
Cache-Control
public, max-age=2595600
Connection
close
Accept-Ranges
bytes
Content-Length
1150
Expires
Sun, 25 Aug 2024 14:11:00 GMT

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| getEmail function| getPassword function| showError function| hideError function| doRedirect function| ZmSkin object| link function| clientChange function| showWhatsThis function| onLoad function| BaseSkin object| skin

0 Cookies