urlscan.io logo urlscan.io
SecurityTrails logo

mgcmex.sa.com Open in urlscan Pro
23.95.90.184  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://thewz.com/tvjuk
Effective URL: https://mgcmex.sa.com/cmsauth/webmailbeta_aruba/user.my_account_access/main.aruba.it/mailbox_sign_in/index.htm
Submission: On July 29 via api from PL — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 4 domains to perform 4 HTTP transactions. The main IP is 23.95.90.184, located in Marietta, United States and belongs to AS-COLOCROSSING, US. The main domain is mgcmex.sa.com.
TLS certificate: Issued by R11 on June 16th 2024. Valid for: 3 months.
This is the only time mgcmex.sa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 208.109.16.231 398101 (GO-DADDY-...)
1 1 188.114.97.3 13335 (CLOUDFLAR...)
1 23.95.90.184 36352 (AS-COLOCR...)
3 199.232.196.193 54113 (FASTLY)
4 2
Apex Domain
Subdomains		 Transfer
3 imgur.com
i.imgur.com — Cisco Umbrella Rank: 7108
434 KB
1 sa.com
mgcmex.sa.com
3 KB
1 small.cx
small.cx
1 KB
1 thewz.com
thewz.com
1006 B
4 4
Domain Requested by
3 i.imgur.com mgcmex.sa.com
1 mgcmex.sa.com
1 small.cx 1 redirects
1 thewz.com 1 redirects
4 4

This site contains no links.

Subject Issuer Validity Valid
mgcmex.sa.com
R11		 2024-06-16 -
2024-09-14		 3 months crt.sh
*.imgur.com
Sectigo RSA Domain Validation Secure Server CA		 2024-02-15 -
2025-02-14		 a year crt.sh

This page contains 1 frames:

Primary Page: https://mgcmex.sa.com/cmsauth/webmailbeta_aruba/user.my_account_access/main.aruba.it/mailbox_sign_in/index.htm
Frame ID: 048C11FE009C972616247D80B7E9C533
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Webmail Aruba

Page URL History Show full URLs

  1. https://thewz.com/tvjuk HTTP 301
    https://small.cx/zyanr HTTP 301
    https://mgcmex.sa.com/cmsauth/webmailbeta_aruba/user.my_account_access/main.aruba.it/mailbox_sign_... Page URL

Page Statistics

4
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

2
IPs

2
Countries

437 kB
Transfer

435 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://thewz.com/tvjuk HTTP 301
    https://small.cx/zyanr HTTP 301
    https://mgcmex.sa.com/cmsauth/webmailbeta_aruba/user.my_account_access/main.aruba.it/mailbox_sign_in/index.htm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.htm
mgcmex.sa.com/cmsauth/webmailbeta_aruba/user.my_account_access/main.aruba.it/mailbox_sign_in/
Redirect Chain
  • https://thewz.com/tvjuk
  • https://small.cx/zyanr
  • https://mgcmex.sa.com/cmsauth/webmailbeta_aruba/user.my_account_access/main.aruba.it/mailbox_sign_in/index.htm
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mgcmex.sa.com/cmsauth/webmailbeta_aruba/user.my_account_access/main.aruba.it/mailbox_sign_in/index.htm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.95.90.184 Marietta, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
23-95-90-184-host.colocrossing.com
Software
Apache /
Resource Hash
3c28c0a477a51b35a2b163573e7ecf9744aac0c3951d0949e46d1b76e95e328c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Length
2993
Content-Type
text/html
Date
Mon, 29 Jul 2024 06:45:46 GMT
Keep-Alive
timeout=5, max=100
Last-Modified
Mon, 29 Jul 2024 03:38:36 GMT
Server
Apache

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
must-revalidate, no-cache, no-store, private
cf-cache-status
DYNAMIC
cf-ray
8aab25e24df44c3e-MXP
content-type
text/html; charset=UTF-8
date
Mon, 29 Jul 2024 06:45:46 GMT
expires
-1
location
https://mgcmex.sa.com/cmsauth/webmailbeta_aruba/user.my_account_access/main.aruba.it/mailbox_sign_in/index.htm
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=33kL49j6zFXy%2F7VUlm1tuh7yh7riJ%2BZeZlV3wgcSYS8Yg80VDapkCqTrObF%2Fh%2FlJQ13F%2BSftwy2JQdIXbjd77e2GQHx82XL7mrg2IO7f1yuAmCctfMD%2B%2Br0WVw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15768000; includeSubDomains
x-cache-status
MISS
x-powered-by
PHP/8.2.21 PleskLin
lnCZ7Ys.png
i.imgur.com/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/lnCZ7Ys.png
Requested by
Host: mgcmex.sa.com
URL: https://mgcmex.sa.com/cmsauth/webmailbeta_aruba/user.my_account_access/main.aruba.it/mailbox_sign_in/index.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
32cb57ecd9a2ad6051ebd2620d2d1a7d5e8fe5aa37c283bd6ffe7e9bf29e51fb
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Referer
https://mgcmex.sa.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 29 Jul 2024 06:45:46 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
ATL59-P7
age
1287985
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT, HIT
content-length
1211
x-served-by
cache-iad-kcgs7200029-IAD, cache-mxp6948-MXP
last-modified
Fri, 28 Jun 2024 00:44:36 GMT
server
cat factory 1.0
x-timer
S1722235547.868453,VS0,VE1
etag
"3161ccaf487c5a7007e08ca1b41049c3"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
arFJdVrKpyH5QAEv9n3jLDmgGwS4G9rzFjWtxhlSvxBpaF8uzx0BAA==
x-cache-hits
50, 0
fQXkb00.png
i.imgur.com/ 		431 KB
431 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/fQXkb00.png
Requested by
Host: mgcmex.sa.com
URL: https://mgcmex.sa.com/cmsauth/webmailbeta_aruba/user.my_account_access/main.aruba.it/mailbox_sign_in/index.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
1aaf6d164e78f05cf7e5eb2d8c1a8e0cd4c994d374a8da68322a24c2b2e54f41
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Referer
https://mgcmex.sa.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 29 Jul 2024 06:45:46 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD89-P1
age
4079
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT, HIT
content-length
441084
x-served-by
cache-iad-kjyo7100023-IAD, cache-mxp6948-MXP
last-modified
Wed, 24 Jul 2024 03:28:10 GMT
server
cat factory 1.0
x-timer
S1722235547.869088,VS0,VE1
etag
"cb37746725dacfe19ac20d797b408eed"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
YiFgFe5kB4SEHNe_WWyeLlzcODGNeB4M5yk1AXlRUxnyGfHWDtj_yg==
x-cache-hits
4, 0
20hdBFK.png
i.imgur.com/ 		609 B
848 B 		Other
General
Check archive.org
Download Go to
Full URL
https://i.imgur.com/20hdBFK.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
ca8abfd1e71a10c486a26be86954293c5f62e1ff94ac52f9270a41c285243c5a
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Referer
https://mgcmex.sa.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 29 Jul 2024 06:45:47 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
566165
x-amz-cf-pop
IAD12-P2
x-cache
Miss from cloudfront, HIT, HIT
content-length
609
x-served-by
cache-iad-kiad7000120-IAD, cache-mxp6948-MXP
last-modified
Tue, 31 May 2022 07:42:56 GMT
server
cat factory 1.0
x-timer
S1722235547.019893,VS0,VE1
etag
"0ecb135733886ee9f5b6b3fb54baa6cf"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
uaf3h5jOoDqRl3qWwafgoGCF5rQUl9-h2wwfchTBy5kVzWs3mo8c2A==
x-cache-hits
89, 0

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Domain/Path Name / Value
thewz.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IkZMNkdhazFQeXJCREFxdzJ0aThpSGc9PSIsInZhbHVlIjoiNE5rbFJQSk9lSXN2OExyck5NSG5YbGY1bmw2RzE2QVU0YVJsYkM0eEs4N2t4SXNtTlN4SFRZcGxkVngwYjRNcFA0SDdYalZzMTJMWDlKa0owaWoxb2ZqMlVDaUduSm1oNDh2bEExRHFlNU1XbjE4QnlHc1NlamZJcDZ0WVJRbjkiLCJtYWMiOiIxZThlNzQxNjdiODg3NzgyNDNhMGRjODc1NzJiN2M2ZGNiNGExYjNjYTIwMWUxZTg4NjY0OWVhYjY4Y2Q2MzI4IiwidGFnIjoiIn0%3D
thewz.com/ Name: phpshort_session
Value: eyJpdiI6IkpSenRHclY2MEJLcktCalVSSGU0Y1E9PSIsInZhbHVlIjoiTXN6dS91R2FSS1owYVZJU0h4UXVEV2NseitxQXZHWFBvUGQ1V09JUmFhR1hCNytDUFdQSHpEZlB6cUhrbGlLZGZRYmJadkxXNVBNZ3QzTmFsZEFrbkpkSkh5eFhYOWdKeHNpYjQ5UmhTaW1rays5ekxNTk5tNklvcWtkak9ERFUiLCJtYWMiOiI4YzI3M2M3NDIzMmY1OGI5NDgwNjViYjI3MWQ0MDQ3ZGMyNGM3Zjk2ZWMwY2FkY2FmNTg4ZTQ4ZTVkYmJlYTA1IiwidGFnIjoiIn0%3D
small.cx/ Name: XSRF-TOKEN
Value: eyJpdiI6ImtpRmhGN1BpOWN2dE1qOWlJUnhNdHc9PSIsInZhbHVlIjoiSjl1TWd2bkpxamdmbGpyZU9mdWdhNjlxT0hEYUVIM1UrZDFqOERPYm5zaVhTK00zYXN5NFdFTGZRRkdJeENYMXN4OUJxUjdBeldiQktyOWxpTXBvakNIWGlWRDdJZWdPRit0QmMvVzJDWjlUcDJVWlFIZ1lNcE84SEZHT1pLMUMiLCJtYWMiOiI4YTMxMGNlMDM1Njk0OWE0MDdkODYyYzgwODIwODA4MjkzMmI5YjNiZGRlOThlODg2MDU0YTVlNzhmNGNlYTg4IiwidGFnIjoiIn0%3D
small.cx/ Name: small_url_session
Value: eyJpdiI6IjlVY0JBN2VBRUZKZ1ltbUFwVjgwMEE9PSIsInZhbHVlIjoiRjQ3OC8rbVcvT2MxL3IxTzE5ejRGb29kbE56VTFDZGtOM05FVmloZk40OXlHL0tmWU1iazlKakp6MlZQWmFLaUEwaWE0c0lvQ3NOT1ZSWWFLMklGMk84RW5ZL25qNUQ2ZEtwTEN2SnNud3IydkR4VGtmYVQwYnRmUXRMSml2UkEiLCJtYWMiOiIwMmI5ODNmZmJhZjEyYWY4Y2FlYzMwYTM2MzVhZTYyMjJjNjUyNTNkMDU0NjZmN2MxODhkZDM1NzY5MDljODZlIiwidGFnIjoiIn0%3D

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://mgcmex.sa.com/cmsauth/webmailbeta_aruba/user.my_account_access/main.aruba.it/mailbox_sign_in/index.htm
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o