urlscan.io logo urlscan.io
SecurityTrails logo

jisi.lanzout.com Open in urlscan Pro
60.165.116.42  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://rustdesk.jisicn.top/
Effective URL: https://jisi.lanzout.com/b00zrkm9e
Submission Tags: phishingrod
Submission: On May 29 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 7 HTTP transactions. The main IP is 60.165.116.42, located in China and belongs to CHINANET-LANZHOU-IDC China Telecom, CN. The main domain is jisi.lanzout.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on January 23rd 2024. Valid for: a year.
This is the only time jisi.lanzout.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 132.226.127.168 31898 (ORACLE-BM...)
1 60.165.116.42 141998 (CHINANET-...)
3 120.233.179.103 9808 (CHINAMOBI...)
1 223.247.106.57 4134 (CHINANET-...)
2 14.215.182.140 4134 (CHINANET-...)
7 5
1    132.226.127.168 (Phoenix, United States)

ASN31898 (ORACLE-BMC-31898, US)
rustdesk.jisicn.top
1    60.165.116.42 (China)

ASN141998 (CHINANET-LANZHOU-IDC China Telecom, CN)
jisi.lanzout.com
3    120.233.179.103 (China)

ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN)
assets.woozooo.com
1    223.247.106.57 (China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)
statics.woozooo.com
2    14.215.182.140 (Guangzhou, China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)
hm.baidu.com
Apex Domain
Subdomains		 Transfer
4 woozooo.com
assets.woozooo.com — Cisco Umbrella Rank: 704310
statics.woozooo.com — Cisco Umbrella Rank: 801666
38 KB
2 baidu.com
hm.baidu.com — Cisco Umbrella Rank: 10507
12 KB
1 lanzout.com
jisi.lanzout.com
4 KB
1 jisicn.top
rustdesk.jisicn.top
89 B
7 4
Domain Requested by
3 assets.woozooo.com jisi.lanzout.com
2 hm.baidu.com statics.woozooo.com
jisi.lanzout.com
1 statics.woozooo.com jisi.lanzout.com
1 jisi.lanzout.com
1 rustdesk.jisicn.top 1 redirects
7 5

This site contains links to these domains. Also see Links.

Domain
api.ilanzou.com
Subject Issuer Validity Valid
*.lanzout.com
AlphaSSL CA - SHA256 - G4		 2024-01-23 -
2025-02-23		 a year crt.sh
*.woozooo.com
GlobalSign GCC R6 AlphaSSL CA 2023		 2024-04-01 -
2025-05-03		 a year crt.sh
baidu.com
GlobalSign RSA OV SSL CA 2018		 2023-07-06 -
2024-08-06		 a year crt.sh

This page contains 1 frames:

Primary Page: https://jisi.lanzout.com/b00zrkm9e
Frame ID: 2F2990A4CC07E0EBD8511D7D68B50DAB
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

远程工具

Page URL History Show full URLs

  1. https://rustdesk.jisicn.top/ HTTP 301
    https://jisi.lanzout.com/b00zrkm9e Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

7
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

54 kB
Transfer

81 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://rustdesk.jisicn.top/ HTTP 301
    https://jisi.lanzout.com/b00zrkm9e Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request b00zrkm9e
jisi.lanzout.com/
Redirect Chain
  • https://rustdesk.jisicn.top/
  • https://jisi.lanzout.com/b00zrkm9e
9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://jisi.lanzout.com/b00zrkm9e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
60.165.116.42 , China, ASN141998 (CHINANET-LANZHOU-IDC China Telecom, CN),
Reverse DNS
Software
openresty /
Resource Hash
da08ab5cbc244491da46554928f46aa8125c9f434415768007ff1885ad8b20b0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Age
1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 29 May 2024 02:52:40 GMT
Server
openresty
Transfer-Encoding
chunked
X-CCDN-CacheTTL
0
X-CCDN-Origin-Time
85
via
CHN-GSlanzhou-AREACT7-CACHE24[247],CHN-GSlanzhou-AREACT7-CACHE10[202,TCP_MISS,244],CHN-HEshijiazhuang-GLOBAL1-CACHE41[140],CHN-HEshijiazhuang-GLOBAL1-CACHE102[85,TCP_MISS,133]
x-hcs-proxy-type
0

Redirect headers

content-length
166
content-type
text/html
date
Wed, 29 May 2024 02:52:38 GMT
location
https://jisi.lanzout.com/b00zrkm9e
server
openresty
t0.css
assets.woozooo.com/assets/img/ 		8 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.woozooo.com/assets/img/t0.css
Requested by
Host: jisi.lanzout.com
URL: https://jisi.lanzout.com/b00zrkm9e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
120.233.179.103 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),
Reverse DNS
Software
openresty /
Resource Hash
1cc95374d6491f2a6186eaace874eb9edde3bc590ae0138842bb739ca7719b2d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://jisi.lanzout.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

nginx-hit
1
Date
Wed, 29 May 2024 02:52:42 GMT
Content-Encoding
gzip
via
CHN-GDdongguan-CMCC5-CACHE43[4],CHN-GDdongguan-CMCC5-CACHE15[0,TCP_HIT,2],CHN-GDdongguan-GLOBAL1-CACHE46[40],CHN-GDdongguan-GLOBAL1-CACHE120[0,TCP_HIT,35]
X-CCDN-CacheTTL
2592000
Age
2211469
Connection
keep-alive
Content-Length
4360
Last-Modified
Thu, 31 May 2018 06:21:54 GMT
Server
openresty
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=43200
X-CCDN-Expires
380531
Accept-Ranges
bytes
x-hcs-proxy-type
1
Expires
Mon, 29 Apr 2024 16:09:32 GMT
jquery.js
assets.woozooo.com/assets/includes/js/ 		30 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.woozooo.com/assets/includes/js/jquery.js
Requested by
Host: jisi.lanzout.com
URL: https://jisi.lanzout.com/b00zrkm9e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
120.233.179.103 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),
Reverse DNS
Software
openresty /
Resource Hash
6bc21e325f9e92c5571194ff99852960f3e85876f69aaf05579c1e83ea2a0422

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://jisi.lanzout.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

nginx-hit
1
Date
Wed, 29 May 2024 02:52:42 GMT
via
CHN-GDdongguan-CMCC5-CACHE51[2],CHN-GDdongguan-CMCC5-CACHE5[0,TCP_HIT,0],CHN-GDdongguan-GLOBAL1-CACHE1[10],CHN-GDdongguan-GLOBAL1-CACHE5[0,TCP_HIT,5]
X-CCDN-CacheTTL
2592000
Age
164070
Connection
keep-alive
Content-Length
31043
Last-Modified
Thu, 19 Apr 2012 00:31:14 GMT
Server
openresty
ETag
"4f8f5cd2-7943"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=43200
X-CCDN-Expires
2427989
Accept-Ranges
bytes
x-hcs-proxy-type
1
Expires
Mon, 20 May 2024 13:50:02 GMT
bd.js
statics.woozooo.com/img/ 		258 B
819 B 		Script
General
Check archive.org
Download Go to
Full URL
https://statics.woozooo.com/img/bd.js
Requested by
Host: jisi.lanzout.com
URL: https://jisi.lanzout.com/b00zrkm9e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
223.247.106.57 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
openresty /
Resource Hash
a57b4a9c1aae1743d9953c45a31d008cfb3ca0b414c8bdd1fe854dd404280e72

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://jisi.lanzout.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

nginx-hit
1
Date
Wed, 29 May 2024 02:52:42 GMT
via
CHN-AHhefei-AREACT5-CACHE32[1],CHN-AHhefei-AREACT5-CACHE6[0,TCP_HIT,0],CHN-SH-GLOBAL4-CACHE87[17],CHN-SH-GLOBAL4-CACHE37[0,TCP_HIT,14]
X-CCDN-CacheTTL
2592000
Age
2676671
Connection
keep-alive
Content-Length
258
Last-Modified
Tue, 24 May 2022 14:37:49 GMT
Server
openresty
ETag
"628cedbd-102"
Content-Type
application/x-javascript
Cache-Control
max-age=43200
X-CCDN-Expires
2507347
Accept-Ranges
bytes
x-hcs-proxy-type
1
Expires
Wed, 10 Apr 2024 21:11:39 GMT
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a696160027bdefb15257dc751f9e70fe204a4f17c5e56bf9502db2d5b5b6503

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
hm.js
hm.baidu.com/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?fb7e760e987871d56396999d288238a4
Requested by
Host: statics.woozooo.com
URL: https://statics.woozooo.com/img/bd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
035da01232b8233217c58d57d0869b2647263c9c276d460c978ca620e1f0860e
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://jisi.lanzout.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 29 May 2024 02:52:43 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
8230b5bf286f04c3b67aebdd07180b2b
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11581
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=de-de&lo=0&rnd=89612834&si=fb7e760e987871d56396999d288238a4&v=1.3.0&lv=1&sn=65234&r=0&ww=1600&u=https%3A%2F%2Fjisi.lanzout.com%2Fb00zrkm9e&tt=%E8%BF%9C%E7%A8%8B%E5%B7%A5%E5%85%B7
Requested by
Host: jisi.lanzout.com
URL: https://jisi.lanzout.com/b00zrkm9e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://jisi.lanzout.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 29 May 2024 02:52:44 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
favicon.ico
assets.woozooo.com/assets/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://assets.woozooo.com/assets/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
120.233.179.103 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),
Reverse DNS
Software
openresty /
Resource Hash
22489aa1578915c922e7d16566a5b926a6c430961f3327e90f0b10dad21f0781

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://jisi.lanzout.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

nginx-hit
1
Date
Wed, 29 May 2024 02:52:44 GMT
via
CHN-GDdongguan-CMCC5-CACHE51[3],CHN-GDdongguan-CMCC5-CACHE27[0,TCP_HIT,0],CHN-GDdongguan-GLOBAL1-CACHE101[13],CHN-GDdongguan-GLOBAL1-CACHE27[0,TCP_HIT,6]
X-CCDN-CacheTTL
2592000
Last-Modified
Wed, 03 Sep 2014 01:31:20 GMT
Server
openresty
Age
25122228
ETag
"54066f68-47e"
Content-Type
image/x-icon
X-CCDN-Expires
798167
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1150
x-hcs-proxy-type
1

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery string| ined6x undefined| pwd number| pgs string| ibhp3b string| _hg154 function| file function| more object| _hmt boolean| _bdhm_loaded_fb7e760e987871d56396999d288238a4 object| mini_tangram_log_9f7h0h

4 Cookies

Domain/Path Name / Value
.lanzout.com/ Name: codelen
Value: 1
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: 74CFACDA58F6EBF9
.lanzout.com/ Name: Hm_lvt_fb7e760e987871d56396999d288238a4
Value: 1716951164
.lanzout.com/ Name: Hm_lpvt_fb7e760e987871d56396999d288238a4
Value: 1716951164

2 Console Messages

Source Level URL
Text
other warning URL: https://jisi.lanzout.com/b00zrkm9e
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://jisi.lanzout.com/b00zrkm9e
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.