Help
RSS
API
Feed
Maltego
Contact
Domain > 577366.com
×
More information on this domain is in
AlienVault OTX
Is this malicious?
Yes
No
DNS Resolutions
Date
IP Address
2021-04-03
156.232.93.78
(
ClassC
)
2025-11-27
138.113.134.54
(
ClassC
)
Port 80
HTTP/1.1 200 OKDate: Thu, 27 Nov 2025 12:39:30 GMTContent-Type: text/html; charsetUTF-8Transfer-Encoding: chunkedConnection: keep-aliveServer: PWS/8.3.1.0.8via: 1.1 PS-LAX-04Nnp24:25 (W)X-Px: ms PS-LAX-04Nnp24LAX(origin)x-ws-request-id: 69284681_PS-LAX-04Nnp24_13250-41514 !DOCTYPE html>html langen>head> meta charsetUTF-8> meta nameviewport contentwidthdevice-width, initial-scale1.0> title>JIN NIU/title> style> * { padding: 0; margin: 0; text-align: center; } body,html{ width: 100%; height: 100%; } .h5{ width: 100%; height: 100%; display: flex; align-items: center; justify-content: center; flex-direction: column; } .hidden{ display: none; } .logo { width: 168px; } .btn { width: 460px; height: 65px; margin-top: 80px; } .tips { font-size: 16px; margin-top: 20px; color: #333333; } @media only screen and (max-width: 768px) { .logo { width: 40vw; } .btn { width: 80%; height: 50px; margin: 20vh auto 0; font-size: 16px; } .tips { font-size: 16px; margin-top: 20px; color: #333333; } .wechat { background-size: 100% 100%; background-position: center; background-repeat: no-repeat; } } /style>/head>body>div classh5 hidden hidden> img classlogo src alt> img classbtn alt> p classtips>/p>/div>/body>script> (() > { function block() { if (window.outerHeight - window.innerHeight > 160 || window.outerWidth - window.innerWidth > 160) { // window.close() } setInterval(() > { (function () { return false; } constructor(debugger) call()); }, 50); } try { block(); } catch (err) { } })(); const logo document.querySelector(.logo) const btn document.querySelector(.btn); const body document.body let domain document.domain; let codeArray domain.split(.); let code codeArray0.toLowerCase(); let validUrl ; window.onload () > { let ua navigator.userAgent.toLowerCase(); let obj {} if (code && codeArray.length > 2) { readTxtFile(./inviteUrls.txt, function (text) { let line text.split(\n); line.map(function (value, index) { if (value ! undefined && value ! && value ! null) { let keyValue value.split(|) objkeyValue0.toLowerCase() keyValue1 } }); validUrl objcode if (ua.indexOf(micromessenger) ! -1 || ua.indexOf(weixin) ! -1) { } else { if (validUrl ! undefined && validUrl ! && validUrl ! null) { body.style.displaynone; window.location.replace(validUrl) return false } } }); } if (ua.indexOf(micromessenger) ! -1 || ua.indexOf(weixin) ! -1) { body.style.width window.innerWidth + px; body.style.height window.innerHeight + px; fetch(`./image/tips.js`).then(response > response.arrayBuffer()) // 转换为ArrayBuffer .then(buffer > { const slicedBuffer buffer.slice(8); const blob new Blob(slicedBuffer); body.style.backgroundImage `url(${URL.createObjectURL(blob)})` }) body.classList.add(wechat); return false; } else { fetch(`./image/logo.js`).then(response > response.arrayBuffer()) // 转换为ArrayBuffer .then(buffer > { const slicedBuffer buffer.slice(8); const blob new Blob(slicedBuffer); logo.src URL.createObjectURL(blob) }) document.querySelector(.h5).style.display flex; } fetch(`./image/enter.js`).then(response > response.arrayBuffer()) // 转换为ArrayBuffer .then(buffer > { const slicedBuffer buffer.slice(8); const blob new Blob(slicedBuffer); btn.src URL.createObjectURL(blob) }) btn.addEventListener(click, function (event) { window.location.replace(https://vcv.tst.com.hskk48yb6kug.com) }) } function readTxtFile(file, callback) { var xhr new XMLHttpRequest(); xhr.open(GET, file, true); xhr.onreadystatechange function () { if (xhr.readyState 4 && xhr.status 200) { callback(xhr.responseText); } }; xhr.send(); }/script>/html>
Port 443
HTTP/1.1 200 OKDate: Thu, 27 Nov 2025 12:39:30 GMTContent-Type: text/html; charsetUTF-8Transfer-Encoding: chunkedConnection: keep-aliveServer: PWS/8.3.1.0.8via: 1.1 PS-LAX-04Nnp24:13 (W)X-Px: ms PS-LAX-04Nnp24LAX(origin)x-ws-request-id: 69284682_PS-LAX-04Nnp24_11891-35229 !DOCTYPE html>html langen>head> meta charsetUTF-8> meta nameviewport contentwidthdevice-width, initial-scale1.0> title>JIN NIU/title> style> * { padding: 0; margin: 0; text-align: center; } body,html{ width: 100%; height: 100%; } .h5{ width: 100%; height: 100%; display: flex; align-items: center; justify-content: center; flex-direction: column; } .hidden{ display: none; } .logo { width: 168px; } .btn { width: 460px; height: 65px; margin-top: 80px; } .tips { font-size: 16px; margin-top: 20px; color: #333333; } @media only screen and (max-width: 768px) { .logo { width: 40vw; } .btn { width: 80%; height: 50px; margin: 20vh auto 0; font-size: 16px; } .tips { font-size: 16px; margin-top: 20px; color: #333333; } .wechat { background-size: 100% 100%; background-position: center; background-repeat: no-repeat; } } /style>/head>body>div classh5 hidden hidden> img classlogo src alt> img classbtn alt> p classtips>/p>/div>/body>script> (() > { function block() { if (window.outerHeight - window.innerHeight > 160 || window.outerWidth - window.innerWidth > 160) { // window.close() } setInterval(() > { (function () { return false; } constructor(debugger) call()); }, 50); } try { block(); } catch (err) { } })(); const logo document.querySelector(.logo) const btn document.querySelector(.btn); const body document.body let domain document.domain; let codeArray domain.split(.); let code codeArray0.toLowerCase(); let validUrl ; window.onload () > { let ua navigator.userAgent.toLowerCase(); let obj {} if (code && codeArray.length > 2) { readTxtFile(./inviteUrls.txt, function (text) { let line text.split(\n); line.map(function (value, index) { if (value ! undefined && value ! && value ! null) { let keyValue value.split(|) objkeyValue0.toLowerCase() keyValue1 } }); validUrl objcode if (ua.indexOf(micromessenger) ! -1 || ua.indexOf(weixin) ! -1) { } else { if (validUrl ! undefined && validUrl ! && validUrl ! null) { body.style.displaynone; window.location.replace(validUrl) return false } } }); } if (ua.indexOf(micromessenger) ! -1 || ua.indexOf(weixin) ! -1) { body.style.width window.innerWidth + px; body.style.height window.innerHeight + px; fetch(`./image/tips.js`).then(response > response.arrayBuffer()) // 转换为ArrayBuffer .then(buffer > { const slicedBuffer buffer.slice(8); const blob new Blob(slicedBuffer); body.style.backgroundImage `url(${URL.createObjectURL(blob)})` }) body.classList.add(wechat); return false; } else { fetch(`./image/logo.js`).then(response > response.arrayBuffer()) // 转换为ArrayBuffer .then(buffer > { const slicedBuffer buffer.slice(8); const blob new Blob(slicedBuffer); logo.src URL.createObjectURL(blob) }) document.querySelector(.h5).style.display flex; } fetch(`./image/enter.js`).then(response > response.arrayBuffer()) // 转换为ArrayBuffer .then(buffer > { const slicedBuffer buffer.slice(8); const blob new Blob(slicedBuffer); btn.src URL.createObjectURL(blob) }) btn.addEventListener(click, function (event) { window.location.replace(https://vcv.tst.com.hskk48yb6kug.com) }) } function readTxtFile(file, callback) { var xhr new XMLHttpRequest(); xhr.open(GET, file, true); xhr.onreadystatechange function () { if (xhr.readyState 4 && xhr.status 200) { callback(xhr.responseText); } }; xhr.send(); }/script>/html>
View on OTX
|
View on ThreatMiner
Please enable JavaScript to view the
comments powered by Disqus.
Data with thanks to
AlienVault OTX
,
VirusTotal
,
Malwr
and
others
. [
Sitemap
]