secure.id.fagmn.com - urlscan.io

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 3 HTTP transactions. The main IP is 23.224.14.12, located in Los Angeles, United States and belongs to CNSERVERS, US. The main domain is secure.id.fagmn.com.

This is the only time secure.id.fagmn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	23.224.14.12 23.224.14.12	40065 (CNSERVERS) (CNSERVERS)
2	59.36.202.3 59.36.202.3	134764 (CT-FOSHAN...) (CT-FOSHAN-IDC CHINANET Guangdong province network)
3	2

1 23.224.14.12 (Los Angeles, United States)

ASN40065 (CNSERVERS, US)

secure.id.fagmn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 59.36.202.3 (China)

ASN134764 (CT-FOSHAN-IDC CHINANET Guangdong province network, CN)
PTR: 3.202.36.59.broad.jm.gd.dynamic.163data.com.cn

css.letvcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i0.letvimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	letvimg.com i0.letvimg.com	20 KB
1	letvcdn.com css.letvcdn.com	1 KB
1	fagmn.com secure.id.fagmn.com	731 B
3	3

	Domain	Requested by
1	i0.letvimg.com	secure.id.fagmn.com
1	css.letvcdn.com	secure.id.fagmn.com
1	secure.id.fagmn.com
3	3

This site contains no links.

Subject Issuer	Validity	Valid
le.com Secure Site Pro CA G2	`2020-02-19` - `2021-03-16`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://secure.id.fagmn.com/login.php
Frame ID: 05E792379783A7257144AD9192B29F69
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

3
Requests

67 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

22 kB
Transfer

21 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request login.php Show response secure.id.fagmn.com/	812 B 731 B	325ms 306ms	Document text/html	23.224.14.12 CNSERVERS
General Check archive.org Show headers Download Go to Full URL http://secure.id.fagmn.com/login.php Protocol HTTP/1.1 Server 23.224.14.12 Los Angeles, United States, ASN40065 (CNSERVERS, US), Reverse DNS Software nginx / Resource Hash `a9b41456be1660befabc0200c6f694394338b7eb4a90531f9658812b58bec358` Request headers Host secure.id.fagmn.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Server nginx Date Thu, 24 Dec 2020 07:45:46 GMT Content-Type text/html; charset=utf-8 Content-Length 528 Connection keep-alive Content-Encoding gzip Vary Accept-Encoding
GET H/1.1	200 OK	1556105399580new.css css.letvcdn.com/lc02_live/201904/24/19/29/	901 B 1 KB	710ms 230ms	Stylesheet text/css	59.36.202.3 CT-FOSHAN-IDC CHI...
General Check archive.org Show headers Download Go to Full URL https://css.letvcdn.com/lc02_live/201904/24/19/29/1556105399580new.css Requested by Host: secure.id.fagmn.com URL: http://secure.id.fagmn.com/login.php Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 59.36.202.3 , China, ASN134764 (CT-FOSHAN-IDC CHINANET Guangdong province network, CN), Reverse DNS 3.202.36.59.broad.jm.gd.dynamic.163data.com.cn Software nginx / Resource Hash `dbd7000fecf9edd98315db0330f1be736960827c8f4ece1f9855efed529e1eaa` Request headers Referer http://secure.id.fagmn.com/login.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 24 Dec 2020 07:45:47 GMT Via http/1.1 LT183 (ApacheTrafficServer/4.2.3 [uIcHs f p eN:t cCNi p s ]), http/1.1 LECDNTJTNDUOXCTC133 (LeCacheBox V2.32 [cHs f ]), http/1.1 ORI-CLOUD-HEN2-MIX-18 (jcs [cMsSfW]), http/1.1 GZ-CT-4-MIX-35 (jcs [cRs f ]) Age 13488011 le-top top1-good X-NG-Host LECDN-TJ-TN-DUOX-CTC-1-21 Connection keep-alive Content-Encoding gzip Content-Length 472 Last-Modified Wed, 24 Apr 2019 11:29:59 GMT Server nginx X-LeCloud-Ver LeCloud/31.3.17 X-Trace 200-1607624835470-0-0-0-82-82;200-1608795947081-0-0-0-1-1 ETag W/"5cc048b7-385" Vary Accept-Encoding Content-Type text/css Access-Control-Allow-Origin * Cache-Control max-age=31536000 Le_Status TCP_HIT Expires Thu, 10 Sep 2020 15:17:30 GMT
GET H/1.1	200 OK	1556343549209new.jpg i0.letvimg.com/lc05_live/201904/27/13/39/	19 KB 20 KB	713ms 239ms	Image image/jpeg	59.36.202.3 CT-FOSHAN-IDC CHI...
General Check archive.org Show headers Download Go to Show image Full URL https://i0.letvimg.com/lc05_live/201904/27/13/39/1556343549209new.jpg Requested by Host: secure.id.fagmn.com URL: http://secure.id.fagmn.com/login.php Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 59.36.202.3 , China, ASN134764 (CT-FOSHAN-IDC CHINANET Guangdong province network, CN), Reverse DNS 3.202.36.59.broad.jm.gd.dynamic.163data.com.cn Software nginx / Resource Hash `0cd0ba39537fa71d793be7fbbc503925f6cd133f4f80de565cd4bc7ee059c4c3` Request headers Referer http://secure.id.fagmn.com/login.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 24 Dec 2020 07:45:47 GMT Via http/1.1 LT172 (ApacheTrafficServer/4.2.3 [cSsNfU]), http/1.1 LECDNTJTNDUOXCTC128 (LeCacheBox V2.32 [cHs f ]), http/1.1 ORI-CLOUD-HEN2-MIX-17 (jcs [cHs f ]), http/1.1 GZ-CT-4-MIX-18 (jcs [cRs f ]) Age 20914491 X-NG-Host LECDN-TJ-TN-DUOX-CTC-1-48 Connection keep-alive Content-Length 19454 Last-Modified Sat, 27 Apr 2019 05:39:09 GMT Server nginx X-LeCloud-Ver LeCloud/31.3.17 X-Trace 200-1604914749344-0-0-0-1-1;200-1608795947089-0-0-0-1-1 Content-Type image/jpeg Access-Control-Allow-Origin * Cache-Control max-age=31536000 Accept-Ranges bytes Le_Status TCP_HIT Expires Mon, 26 Apr 2021 06:10:56 GMT

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

css.letvcdn.com
i0.letvimg.com
secure.id.fagmn.com
23.224.14.12
59.36.202.3
0cd0ba39537fa71d793be7fbbc503925f6cd133f4f80de565cd4bc7ee059c4c3
a9b41456be1660befabc0200c6f694394338b7eb4a90531f9658812b58bec358
dbd7000fecf9edd98315db0330f1be736960827c8f4ece1f9855efed529e1eaa

secure.id.fagmn.com Open in urlscan Pro 23.224.14.12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

3 Requests

67 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

2 IPs

2 Countries

22 kBTransfer

21 kBSize

0 Cookies

0 Outgoing links

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

0 Cookies

Indicators

secure.id.fagmn.com Open in urlscan Pro
23.224.14.12 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

67 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

22 kB
Transfer

21 kB
Size

0
Cookies

3 HTTP transactions
0 data transactions