mgcmex.sa.com
Open in
urlscan Pro
23.95.90.184
Public Scan
Effective URL: https://mgcmex.sa.com/cmsauth/webmailbeta_aruba/user.my_account_access/main.aruba.it/mailbox_sign_in/index.htm
Submission: On July 29 via api from PL — Scanned from IT
Summary
TLS certificate: Issued by R11 on June 16th 2024. Valid for: 3 months.
This is the only time mgcmex.sa.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 208.109.16.231 208.109.16.231 | 398101 (GO-DADDY-...) (GO-DADDY-COM-LLC) | |
1 1 | 188.114.97.3 188.114.97.3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 23.95.90.184 23.95.90.184 | 36352 (AS-COLOCR...) (AS-COLOCROSSING) | |
3 | 199.232.196.193 199.232.196.193 | 54113 (FASTLY) (FASTLY) | |
4 | 2 |
ASN398101 (GO-DADDY-COM-LLC, US)
PTR: 231.16.109.208.host.secureserver.net
thewz.com |
ASN36352 (AS-COLOCROSSING, US)
PTR: 23-95-90-184-host.colocrossing.com
mgcmex.sa.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
3 |
imgur.com
i.imgur.com — Cisco Umbrella Rank: 7108 |
434 KB |
1 |
sa.com
mgcmex.sa.com |
3 KB |
1 |
small.cx
1 redirects
small.cx |
1 KB |
1 |
thewz.com
1 redirects
thewz.com |
1006 B |
4 | 4 |
Domain | Requested by | |
---|---|---|
3 | i.imgur.com |
mgcmex.sa.com
|
1 | mgcmex.sa.com | |
1 | small.cx | 1 redirects |
1 | thewz.com | 1 redirects |
4 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
mgcmex.sa.com R11 |
2024-06-16 - 2024-09-14 |
3 months | crt.sh |
*.imgur.com Sectigo RSA Domain Validation Secure Server CA |
2024-02-15 - 2025-02-14 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://mgcmex.sa.com/cmsauth/webmailbeta_aruba/user.my_account_access/main.aruba.it/mailbox_sign_in/index.htm
Frame ID: 048C11FE009C972616247D80B7E9C533
Requests: 4 HTTP requests in this frame
Screenshot
Page Title
Webmail ArubaPage URL History Show full URLs
-
https://thewz.com/tvjuk
HTTP 301
https://small.cx/zyanr HTTP 301
https://mgcmex.sa.com/cmsauth/webmailbeta_aruba/user.my_account_access/main.aruba.it/mailbox_sign_... Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://thewz.com/tvjuk
HTTP 301
https://small.cx/zyanr HTTP 301
https://mgcmex.sa.com/cmsauth/webmailbeta_aruba/user.my_account_access/main.aruba.it/mailbox_sign_in/index.htm Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
4 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
index.htm
mgcmex.sa.com/cmsauth/webmailbeta_aruba/user.my_account_access/main.aruba.it/mailbox_sign_in/ Redirect Chain
|
3 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lnCZ7Ys.png
i.imgur.com/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fQXkb00.png
i.imgur.com/ |
431 KB 431 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
20hdBFK.png
i.imgur.com/ |
609 B 848 B |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
thewz.com/ | Name: XSRF-TOKEN Value: eyJpdiI6IkZMNkdhazFQeXJCREFxdzJ0aThpSGc9PSIsInZhbHVlIjoiNE5rbFJQSk9lSXN2OExyck5NSG5YbGY1bmw2RzE2QVU0YVJsYkM0eEs4N2t4SXNtTlN4SFRZcGxkVngwYjRNcFA0SDdYalZzMTJMWDlKa0owaWoxb2ZqMlVDaUduSm1oNDh2bEExRHFlNU1XbjE4QnlHc1NlamZJcDZ0WVJRbjkiLCJtYWMiOiIxZThlNzQxNjdiODg3NzgyNDNhMGRjODc1NzJiN2M2ZGNiNGExYjNjYTIwMWUxZTg4NjY0OWVhYjY4Y2Q2MzI4IiwidGFnIjoiIn0%3D |
|
thewz.com/ | Name: phpshort_session Value: eyJpdiI6IkpSenRHclY2MEJLcktCalVSSGU0Y1E9PSIsInZhbHVlIjoiTXN6dS91R2FSS1owYVZJU0h4UXVEV2NseitxQXZHWFBvUGQ1V09JUmFhR1hCNytDUFdQSHpEZlB6cUhrbGlLZGZRYmJadkxXNVBNZ3QzTmFsZEFrbkpkSkh5eFhYOWdKeHNpYjQ5UmhTaW1rays5ekxNTk5tNklvcWtkak9ERFUiLCJtYWMiOiI4YzI3M2M3NDIzMmY1OGI5NDgwNjViYjI3MWQ0MDQ3ZGMyNGM3Zjk2ZWMwY2FkY2FmNTg4ZTQ4ZTVkYmJlYTA1IiwidGFnIjoiIn0%3D |
|
small.cx/ | Name: XSRF-TOKEN Value: eyJpdiI6ImtpRmhGN1BpOWN2dE1qOWlJUnhNdHc9PSIsInZhbHVlIjoiSjl1TWd2bkpxamdmbGpyZU9mdWdhNjlxT0hEYUVIM1UrZDFqOERPYm5zaVhTK00zYXN5NFdFTGZRRkdJeENYMXN4OUJxUjdBeldiQktyOWxpTXBvakNIWGlWRDdJZWdPRit0QmMvVzJDWjlUcDJVWlFIZ1lNcE84SEZHT1pLMUMiLCJtYWMiOiI4YTMxMGNlMDM1Njk0OWE0MDdkODYyYzgwODIwODA4MjkzMmI5YjNiZGRlOThlODg2MDU0YTVlNzhmNGNlYTg4IiwidGFnIjoiIn0%3D |
|
small.cx/ | Name: small_url_session Value: eyJpdiI6IjlVY0JBN2VBRUZKZ1ltbUFwVjgwMEE9PSIsInZhbHVlIjoiRjQ3OC8rbVcvT2MxL3IxTzE5ejRGb29kbE56VTFDZGtOM05FVmloZk40OXlHL0tmWU1iazlKakp6MlZQWmFLaUEwaWE0c0lvQ3NOT1ZSWWFLMklGMk84RW5ZL25qNUQ2ZEtwTEN2SnNud3IydkR4VGtmYVQwYnRmUXRMSml2UkEiLCJtYWMiOiIwMmI5ODNmZmJhZjEyYWY4Y2FlYzMwYTM2MzVhZTYyMjJjNjUyNTNkMDU0NjZmN2MxODhkZDM1NzY5MDljODZlIiwidGFnIjoiIn0%3D |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
i.imgur.com
mgcmex.sa.com
small.cx
thewz.com
188.114.97.3
199.232.196.193
208.109.16.231
23.95.90.184
1aaf6d164e78f05cf7e5eb2d8c1a8e0cd4c994d374a8da68322a24c2b2e54f41
32cb57ecd9a2ad6051ebd2620d2d1a7d5e8fe5aa37c283bd6ffe7e9bf29e51fb
3c28c0a477a51b35a2b163573e7ecf9744aac0c3951d0949e46d1b76e95e328c
ca8abfd1e71a10c486a26be86954293c5f62e1ff94ac52f9270a41c285243c5a