Help
RSS
API
Feed
Maltego
Contact
Domain > 972800.com
×
More information on this domain is in
AlienVault OTX
Is this malicious?
Yes
No
DNS Resolutions
Date
IP Address
2025-05-05
20.255.52.21
(
ClassC
)
2026-02-02
103.140.9.229
(
ClassC
)
Port 80
HTTP/1.1 200 OKDate: Mon, 02 Feb 2026 18:20:49 GMTContent-Type: text/htmlContent-Length: 1966Connection: keep-aliveServer: nginxStrict-Transport-Security: max-age31536000; includeSubDomains html>script>var _0x5654console,log,debug,search,replace,https://,apply,warn,table,pathname,exception,trace,return\x20(function()\x20,{}.constructor(\x22return\x20this\x22)(\x20),error;(function(_0x148b05,_0x5654f0){var _0x3741b3function(_0x396f38){while(--_0x396f38){_0x148b05push(_0x148b05shift());}};_0x3741b3(++_0x5654f0);}(_0x5654,0xba));var _0x3741function(_0x148b05,_0x5654f0){_0x148b05_0x148b05-0x0;var _0x3741b3_0x5654_0x148b05;return _0x3741b3;};var _0xc6f130function(){var _0x193831!!;return function(_0xe3bbb9,_0x1f670d){var _0xace33_0x193831?function(){if(_0x1f670d){var _0x186c12_0x1f670d_0x3741(0x0)(_0xe3bbb9,arguments);_0x1f670dnull;return _0x186c12;}}:function(){};_0x193831!;return _0xace33;};}();var _0x1af9e3_0xc6f130(this,function(){var _0x18a2e7function(){};var _0x4c4a1afunction(){var _0x4da621;try{_0x4da621Function(_0x3741(0x6)+_0x3741(0x7)+);)();}catch(_0x1beecc){_0x4da621window;}return _0x4da621;};var _0x1ed544_0x4c4a1a();if(!_0x1ed544_0x3741(0x9)){_0x1ed544_0x3741(0x9)function(_0xa08ce1){var _0x238492{};_0x238492_0x3741(0xa)_0xa08ce1;_0x238492_0x3741(0x1)_0xa08ce1;_0x238492_0x3741(0xb)_0xa08ce1;_0x238492info_0xa08ce1;_0x238492_0x3741(0x8)_0xa08ce1;_0x238492_0x3741(0x4)_0xa08ce1;_0x238492_0x3741(0x2)_0xa08ce1;_0x238492_0x3741(0x5)_0xa08ce1;return _0x238492;}(_0x18a2e7);}else{_0x1ed544_0x3741(0x9)_0x3741(0xa)_0x18a2e7;_0x1ed544_0x3741(0x9)warn_0x18a2e7;_0x1ed544_0x3741(0x9)_0x3741(0xb)_0x18a2e7;_0x1ed544_0x3741(0x9)info_0x18a2e7;_0x1ed544_0x3741(0x9)_0x3741(0x8)_0x18a2e7;_0x1ed544_0x3741(0x9)exception_0x18a2e7;_0x1ed544_0x3741(0x9)_0x3741(0x2)_0x18a2e7;_0x1ed544_0x3741(0x9)trace_0x18a2e7;}});_0x1af9e3();location_0x3741(0xd)(_0x3741(0xe)+locationhost+location_0x3741(0x3)+location_0x3741(0xc));/script>/html>
Port 443
HTTP/1.1 200 OKDate: Mon, 02 Feb 2026 18:20:51 GMTContent-Type: text/htmlContent-Length: 2282Connection: keep-aliveLast-Modified: Tue, 09 Sep 2025 03:40:38 GMTVary: Accept-EncodingETag: 68bfa1b6-8eaAccept-Ranges: bytesServer: nginxX-Request-Id: 30a597acce259a1ce33fc8ecd6c7335a !DOCTYPE html>html langen> head> meta charsetUTF-8 /> meta nameviewport contentwidthdevice-width, initial-scale1.0 /> title>跳转/title> /head> body> script> let len 8 // 可以配置的位数 let type en_num // 可以配置的模式 en 纯英文 en_num 英文+数字 // 比如:当前域名,如果包含 qq.com ,则跳转到 hao123.com let urlObj { 972.com: https://*.972-vip.com, 972011.com: https://*.972-vip.com, 972033.com: https://*.972-vip.com, 972055.com: https://*.972-vip.com, 972077.com: https://*.972-vip.com, 972800.com: https://*.972-vip.com, 972993.com: https://*.972-vip.com, www.972.com: https://*.972-vip.com, www.972011.com: https://*.972-vip.com, www.972033.com: https://*.972-vip.com, www.972077.com: https://*.972-vip.com, www.972055.com: https://*.972-vip.com, www.972800.com: https://*.972-vip.com, www.972993.com: https://*.972-vip.com, www.www-972.com: https://vip-972.com, www.vip-972.com: https://www-972.com, } let host window.location.href let range let randomStr if (type en_num) { range a, b, c, d, e, f, g, h, i, j, k, l, m, n, o, p, q, r, s, t, u, v, w, x, y, z, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 } else { range a, b, c, d, e, f, g, h, i, j, k, l, m, n, o, p, q, r, s, t, u, v, w, x, y, z } for (let i 0; i len; i++) { randomStr + rangeMath.floor(Math.random() * range.length) } Object.keys(urlObj).forEach(key > { if (host.includes(key)) { window.location.href urlObjkey.replace(/https:\/\/\*/, https:// + randomStr) } }) /script> /body>/html>
View on OTX
|
View on ThreatMiner
Please enable JavaScript to view the
comments powered by Disqus.
Data with thanks to
AlienVault OTX
,
VirusTotal
,
Malwr
and
others
. [
Sitemap
]