yyrj.lanzous.com Open in urlscan Pro
114.80.179.226 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://yyrj.lanzous.com/b00o8kbmb
Submission: On March 08 via manual (March 8th 2021, 6:48:12 pm UTC) from CA

Summary HTTP 9 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 9 HTTP transactions. The main IP is 114.80.179.226, located in China and belongs to CHINANET-SH-AP China Telecom (Group), CN. The main domain is yyrj.lanzous.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on April 6th 2020. Valid for: a year.

This is the only time yyrj.lanzous.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	114.80.179.226 114.80.179.226	4812 (CHINANET-...) (CHINANET-SH-AP China Telecom (Group))
2	58.215.157.250 58.215.157.250	23650 (CHINANET-...) (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone)
1	2401:b180:200... 2401:b180:2000:20::22	37963 (CNNIC-ALI...) (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.)
1	47.88.68.21 47.88.68.21	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co.)
9	5

5 114.80.179.226 (China)

ASN4812 (CHINANET-SH-AP China Telecom (Group), CN)

yyrj.lanzous.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 58.215.157.250 (China)

ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN)

s95.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2401:b180:2000:20::22 (China)

ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)

z4.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.88.68.21 (San Mateo, United States)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)

cnzz.mmstat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	lanzous.com yyrj.lanzous.com	24 KB
3	cnzz.com s95.cnzz.com c.cnzz.com z4.cnzz.com	6 KB
1	mmstat.com cnzz.mmstat.com	432 B
9	3

	Domain	Requested by
5	yyrj.lanzous.com	yyrj.lanzous.com
1	cnzz.mmstat.com	yyrj.lanzous.com
1	z4.cnzz.com	yyrj.lanzous.com
1	c.cnzz.com	s95.cnzz.com
1	s95.cnzz.com	yyrj.lanzous.com
9	5

This site contains links to these domains. Also see Links.

Domain
www.cnzz.com

Subject Issuer	Validity	Valid
*.lanzous.com AlphaSSL CA - SHA256 - G2	`2020-04-06` - `2021-04-07`	a year	crt.sh
*.cnzz.com GlobalSign Organization Validation CA - SHA256 - G2	`2021-01-05` - `2022-02-06`	a year	crt.sh
*.mmstat.com GlobalSign Organization Validation CA - SHA256 - G2	`2020-07-16` - `2021-07-17`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://yyrj.lanzous.com/b00o8kbmb
Frame ID: B050FF27E999ADCF47D23BC3408518C8
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Tengine (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /Tengine/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

9
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

5
Subdomains

5
IPs

2
Countries

30 kB
Transfer

63 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cnzz.com/stat/website.php?web_id=1253610888
Title: 站长统计

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request b00o8kbmb Show response yyrj.lanzous.com/	7 KB 3 KB	1172ms 306ms	Document text/html	114.80.179.226 CHINANET-SH-AP Ch...
General Check archive.org Show headers Download Go to Full URL https://yyrj.lanzous.com/b00o8kbmb Protocol H2 Security TLS 1.3, , AES_256_GCM Server 114.80.179.226 , China, ASN4812 (CHINANET-SH-AP China Telecom (Group), CN), Reverse DNS Software Tengine / Resource Hash `c6f3da3d329f5e70014436baf0f9f644af7b97ac0ba0d7b521afe8e7a9a62006` Request headers :method GET :authority yyrj.lanzous.com :scheme https :path /b00o8kbmb pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers server Tengine content-type text/html; charset=utf-8 date Mon, 08 Mar 2021 18:47:46 GMT cache-control no-cache, must-revalidate content-encoding gzip via cache33.l2et2[30,0], cache1.cn3259[35,0] timing-allow-origin * eagleid 7250b39716152292660906755e
GET H2	200	t0.css yyrj.lanzous.com/img/	8 KB 5 KB	338ms 338ms	Stylesheet text/css	114.80.179.226 CHINANET-SH-AP Ch...
General Check archive.org Show headers Download Go to Full URL https://yyrj.lanzous.com/img/t0.css Requested by Host: yyrj.lanzous.com URL: https://yyrj.lanzous.com/b00o8kbmb Protocol H2 Security TLS 1.3, , AES_256_GCM Server 114.80.179.226 , China, ASN4812 (CHINANET-SH-AP China Telecom (Group), CN), Reverse DNS Software Tengine / Resource Hash `1cc95374d6491f2a6186eaace874eb9edde3bc590ae0138842bb739ca7719b2d` Request headers Referer https://yyrj.lanzous.com/b00o8kbmb User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 08 Mar 2021 15:37:10 GMT content-encoding gzip age 0 x-cache MISS TCP_MISS dirn:-2:-2 x-swift-cachetime 43200 x-swift-savetime Mon, 08 Mar 2021 18:47:46 GMT content-length 4360 last-modified Thu, 31 May 2018 06:21:54 GMT server Tengine etag "5b0f9482-1f13" vary Accept-Encoding ali-swift-global-savetime 1614700665 content-type text/css via cache11.l2cn2655[0,200-0,H], cache47.l2cn2655[0,0], cache7.cn3259[50,200-0,M], cache1.cn3259[52,0] cache-control max-age=43200 timing-allow-origin * eagleid 7250b39716152292664156962e expires Tue, 09 Mar 2021 03:37:10 GMT
GET H2	200	jquery.js Show response yyrj.lanzous.com/includes/js/	30 KB 16 KB	350ms 349ms	Script application/x-javascript	114.80.179.226 CHINANET-SH-AP Ch...
General Check archive.org Show headers Download Go to Full URL https://yyrj.lanzous.com/includes/js/jquery.js Requested by Host: yyrj.lanzous.com URL: https://yyrj.lanzous.com/b00o8kbmb Protocol H2 Security TLS 1.3, , AES_256_GCM Server 114.80.179.226 , China, ASN4812 (CHINANET-SH-AP China Telecom (Group), CN), Reverse DNS Software Tengine / Resource Hash `6bc21e325f9e92c5571194ff99852960f3e85876f69aaf05579c1e83ea2a0422` Request headers Referer https://yyrj.lanzous.com/b00o8kbmb User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 08 Mar 2021 15:37:10 GMT content-encoding gzip age 0 x-cache MISS TCP_MISS dirn:-2:-2 x-swift-cachetime 43200 x-swift-savetime Mon, 08 Mar 2021 18:47:46 GMT content-length 15669 last-modified Thu, 19 Apr 2012 00:31:14 GMT server Tengine etag "4f8f5cd2-7943" vary Accept-Encoding ali-swift-global-savetime 1614700665 content-type application/x-javascript via cache36.l2cn2655[0,200-0,H], cache13.l2cn2655[1,0], cache6.cn3259[61,200-0,M], cache1.cn3259[62,0] cache-control max-age=43200 timing-allow-origin * eagleid 7250b39716152292664166963e expires Tue, 09 Mar 2021 03:37:10 GMT
GET H2	200	stat.php Show response s95.cnzz.com/	12 KB 4 KB	858ms 283ms	Script application/javascript	58.215.157.250 CHINANET-JIANGSU-...
General Check archive.org Show headers Download Go to Full URL https://s95.cnzz.com/stat.php?id=1253610888&web_id=1253610888 Requested by Host: yyrj.lanzous.com URL: https://yyrj.lanzous.com/b00o8kbmb Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 58.215.157.250 , China, ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN), Reverse DNS Software Tengine / PHP/5.5.25 Resource Hash `8039ee281c445e5ee891d7c177443b5c0009c8f4653191003138ceabc0e4a969` Request headers Referer https://yyrj.lanzous.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 08 Mar 2021 17:42:08 GMT content-encoding gzip age 3938 x-powered-by PHP/5.5.25 x-cache HIT TCP_MEM_HIT dirn:0:171327243 x-swift-cachetime 5397 x-swift-savetime Mon, 08 Mar 2021 17:42:11 GMT content-length 4077 last-modified Mon, 08 Mar 2021 17:42:08 GMT server Tengine vary Accept-Encoding ali-swift-global-savetime 1615225328 content-type application/javascript via cache41.l2cn1807[0,200-0,H], cache47.l2cn1807[0,0], cache6.cn2175[0,200-0,H], cache6.cn2175[1,0] cache-control max-age=5400,s-maxage=5400 timing-allow-origin * eagleid 3ad79d1a16152292669856302e
GET DATA	200 OK	truncated /	3 KB 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `7a696160027bdefb15257dc751f9e70fe204a4f17c5e56bf9502db2d5b5b6503` Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/gif
POST H2	200	filemoreajax.php Show response yyrj.lanzous.com/	362 B 492 B	325ms 325ms	XHR text/json	114.80.179.226 CHINANET-SH-AP Ch...
General Check archive.org Show headers Download Go to Full URL https://yyrj.lanzous.com/filemoreajax.php Requested by Host: yyrj.lanzous.com URL: https://yyrj.lanzous.com/b00o8kbmb Protocol H2 Security TLS 1.3, , AES_256_GCM Server 114.80.179.226 , China, ASN4812 (CHINANET-SH-AP China Telecom (Group), CN), Reverse DNS Software Tengine / Resource Hash `813e8aae7d6e82d716adcc9b7657edb1c9f0bf7debc4e8192c86bb56a603ced7` Request headers Accept application/json, text/javascript, / Referer https://yyrj.lanzous.com/b00o8kbmb X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Mon, 08 Mar 2021 18:47:47 GMT via cache34.l2et2[30,0], cache1.cn3259[35,0] server Tengine cache-control no-cache, must-revalidate timing-allow-origin * eagleid 7250b39716152292670637481e content-type text/json;charset=utf-8
GET H2	200	core.php Show response c.cnzz.com/	3 KB 2 KB	626ms 625ms	Script application/javascript	58.215.157.250 CHINANET-JIANGSU-...
General Check archive.org Show headers Download Go to Full URL https://c.cnzz.com/core.php?web_id=1253610888&t=z Requested by Host: s95.cnzz.com URL: https://s95.cnzz.com/stat.php?id=1253610888&web_id=1253610888 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 58.215.157.250 , China, ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN), Reverse DNS Software Tengine / PHP/5.5.25 Resource Hash `cd70f043eb2e300dd58a95b4d7923ba222e57c2889f80826d3c6f71471776747` Request headers Referer https://yyrj.lanzous.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Mon, 08 Mar 2021 18:35:58 GMT content-encoding gzip age 709 x-powered-by PHP/5.5.25 x-cache HIT TCP_MEM_HIT dirn:-2:-2 x-swift-cachetime 900 x-swift-savetime Mon, 08 Mar 2021 18:35:58 GMT content-length 1657 last-modified Mon, 08 Mar 2021 18:35:58 GMT server Tengine vary Accept-Encoding ali-swift-global-savetime 1615228558 content-type application/javascript via cache22.l2cn2656[0,200-0,H], cache41.l2cn2656[0,0], cache7.cn2175[0,200-0,H], cache6.cn2175[0,0] timing-allow-origin * eagleid 3ad79d1a16152292676187108e expires Mon, 08 Mar 2021 18:50:58 GMT
GET H2	200	stat.htm z4.cnzz.com/	2 B 112 B	2374ms 1802ms	Image text/html	2401:b180:2000:20::22 CNNIC-ALIBABA-CN-...
General Check archive.org Show headers Download Go to Show image Full URL https://z4.cnzz.com/stat.htm?id=1253610888&r=&lg=en-us&ntime=none&cnzz_eid=1809221934-1615225328-&showp=1600x1200&p=https%3A%2F%2Fyyrj.lanzous.com%2Fb00o8kbmb&t=wetoolpro&umuuid=178132aaca423-0bde77505467c6-5771e33-1d4c00-178132aaca5a62&h=1&rnd=1813006763 Requested by Host: yyrj.lanzous.com URL: https://yyrj.lanzous.com/b00o8kbmb Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2401:b180:2000:20::22 , China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://yyrj.lanzous.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 08 Mar 2021 18:47:49 GMT content-encoding gzip server nginx vary Accept-Encoding content-type text/html; charset=utf-8
GET H2	200	exe.gif yyrj.lanzous.com/images/filetype/	93 B 387 B	289ms 289ms	Image image/gif	114.80.179.226 CHINANET-SH-AP Ch...
General Check archive.org Show headers Download Go to Show image Full URL https://yyrj.lanzous.com/images/filetype/exe.gif Requested by Host: yyrj.lanzous.com URL: https://yyrj.lanzous.com/b00o8kbmb Protocol H2 Security TLS 1.3, , AES_256_GCM Server 114.80.179.226 , China, ASN4812 (CHINANET-SH-AP China Telecom (Group), CN), Reverse DNS Software Tengine / Resource Hash `d2880f71033f471364bc3903b0f6b764acefb608362fb2d721787989e5307145` Request headers Referer https://yyrj.lanzous.com/b00o8kbmb User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 08 Mar 2021 15:37:11 GMT via cache15.l2cn2655[0,200-0,H], cache9.l2cn2655[0,0], cache7.cn3259[9,200-0,M], cache1.cn3259[11,0] age 11436 x-cache MISS TCP_MISS dirn:-2:-2 x-swift-cachetime 43200 x-swift-savetime Mon, 08 Mar 2021 18:47:47 GMT content-length 93 last-modified Wed, 31 Dec 2014 12:41:36 GMT server Tengine etag "54a3ef00-5d" ali-swift-global-savetime 1614700666 content-type image/gif cache-control max-age=2592000 accept-ranges bytes timing-allow-origin * eagleid 7250b39716152292673917718e expires Wed, 07 Apr 2021 15:37:11 GMT
GET H2	200	9.gif cnzz.mmstat.com/	43 B 432 B	506ms 167ms	Image image/gif	47.88.68.21 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Show image Full URL https://cnzz.mmstat.com/9.gif?abc=1&rnd=1876817087 Requested by Host: yyrj.lanzous.com URL: https://yyrj.lanzous.com/b00o8kbmb Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 47.88.68.21 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software nginx / Resource Hash `cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda` Request headers Referer https://yyrj.lanzous.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 08 Mar 2021 18:47:48 GMT server nginx p3p CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV" cache-control no-cache content-type image/gif content-length 43 expires Thu, 01 Jan 1970 00:00:01 GMT

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			yyrj.lanzous.com/	1970-01-19 21:02:34	Name: CNZZDATA1253610888 Value: 1809221934-1615225328-%7C1615225328
			.lanzous.com/	1970-01-19 21:02:34	Name: UM_distinctid Value: 178132aaca423-0bde77505467c6-5771e33-1d4c00-178132aaca5a62

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.cnzz.com
cnzz.mmstat.com
s95.cnzz.com
yyrj.lanzous.com
z4.cnzz.com
114.80.179.226
2401:b180:2000:20::22
47.88.68.21
58.215.157.250
1cc95374d6491f2a6186eaace874eb9edde3bc590ae0138842bb739ca7719b2d
6bc21e325f9e92c5571194ff99852960f3e85876f69aaf05579c1e83ea2a0422
7a696160027bdefb15257dc751f9e70fe204a4f17c5e56bf9502db2d5b5b6503
8039ee281c445e5ee891d7c177443b5c0009c8f4653191003138ceabc0e4a969
813e8aae7d6e82d716adcc9b7657edb1c9f0bf7debc4e8192c86bb56a603ced7
c6f3da3d329f5e70014436baf0f9f644af7b97ac0ba0d7b521afe8e7a9a62006
cd70f043eb2e300dd58a95b4d7923ba222e57c2889f80826d3c6f71471776747
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2880f71033f471364bc3903b0f6b764acefb608362fb2d721787989e5307145
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

yyrj.lanzous.com Open in urlscan Pro 114.80.179.226 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

25 %IPv6

3 Domains

5 Subdomains

5 IPs

2 Countries

30 kBTransfer

63 kBSize

2 Cookies

1 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

2 Cookies

Indicators

yyrj.lanzous.com Open in urlscan Pro
114.80.179.226 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

5
Subdomains

5
IPs

2
Countries

30 kB
Transfer

63 kB
Size

2
Cookies

9 HTTP transactions
1 data transactions