Domain > dev.cdn.haimati.cn

More information on this domain is in AlienVault OTX

DNS Resolutions

Date	IP Address
2022-06-22	118.112.225.41 (ClassC)
2022-06-22	125.64.104.41 (ClassC)
2025-07-31	60.188.66.41 (ClassC)

HTTP/1.1 200 OKServer: nginxDate: Thu, 31 Jul 2025 17:46:12 GMTContent-Type: text/htmlContent-Length: 4708Connection: keep-aliveLast-Modified: Tue, 22 Apr 2025 09:56:30 GMTETag: FpSLC-dAJGKWZ0uGc2UARLp_NS3xCache-Control: public, max-age86400Accept-Ranges: bytesAccess-Control-Allow-Origin: *Access-Control-Expose-Headers: X-Log, X-ReqidAccess-Control-Max-Age: 2592000Content-Disposition: inline; filename; filename*utf-8Content-Md5: hd16Wl9Z0gPJ87DbWKksUwContent-Transfer-Encoding: binaryVary: Accept-EncodingX-Reqid: 9kMAAABK-S03mFYYX-Svr: IOX-Qiniu-Zone: 0X-Log: X-LogOhc-Global-Saved-Time: Thu, 31 Jul 2025 17:46:12 GMTOhc-Cache-HIT: jh2ct62 4, fsix62 2Ohc-File-Size: 4708X-Cache-Status: MISS

!DOCTYPE html>html langzh-CN>head>meta charsetutf-8>meta contentalways namereferrer>meta http-equivX-UA-Compatible contentIEedge>title>海马体照相馆/title>script>document.addEventListener(DOMContentLoaded, function() {        document.documentElement.style.fontSize  document.documentElement.clientWidth / 20 + px      })      var coverSupport         CSS in window &&        typeof CSS.supports  function &&        (CSS.supports(top: env(a)) || CSS.supports(top: constant(a)))      document.write(        meta nameviewport contentwidthdevice-width, user-scalableno, initial-scale1.0, maximum-scale1.0, minimum-scale1.0 +          (coverSupport ? , viewport-fitcover : ) +           />      )/script>link relstylesheet href./static/index.d0f128df.css>link relstylesheet hrefhttps://res.wx.qq.com/open/libs/weui/0.4.3/weui.min.css>script srchttps://static.geetest.com/v4/gt4.js>/script>/head>body>script>// 判断是否是支付宝小程序webview访问      var ua  navigator.userAgent.toLowerCase()      if (ua.indexOf(aliapp) > -1) {        document.writeln(link hrefhttps://res.wx.qq.com/open/libs/weui/0.4.3/weui.min.css + > +  + / + link>)        document.writeln(script srchttps://appx/web-view.min.js + > +  + / + script>)        document.writeln(script srchttps://gw.alipayobjects.com/as/g/h5-lib/alipayjsapi/3.1.1/alipayjsapi.min.js + > +  + / + script>)      }/script>script>// 判断是否是微信小程序webview访问      function isInWechatMP() {        return Boolean((navigator.userAgent.match(/micromessenger/i) && navigator.userAgent.match(/miniprogram/i)) || window.__wxjs_environment  miniprogram);      }      let weixin  isInWechatMP()      if (weixin||weixin.length) {        var script  document.createElement(script)        script.type  text/javascript        script.src  https://res.wx.qq.com/open/js/jweixin-1.3.2.js        document.body.appendChild(script)      }/script>script>// 判断是否是字节小程序webview访问      const isTTWebView  navigator.userAgent.toLowerCase().includes(toutiaomicroapp);      if (isTTWebView) {        document.writeln(script srchttps://lf1-cdn-tos.bytegoofy.com/goofy/developer/jssdk/jssdk-1.0.3.js + > +  + / + script>)      }/script>script>;(function() {        // 获取cookie        function getCookie(name) {          var arr          var reg  new RegExp((^| ) + name + (^;*)(;|$))          arr  document.cookie.match(reg)          return arr ? arr2 : null        }        // 设置localStorage        function setLocalStorage(name, data, expireTime) {          if (!name) throw new Error(need name)          var needStringify  typeof data  object          var storageData  {            expireTimeStamp: 0,            value: needStringify ? JSON.stringify(data) : data,            stringified: needStringify ? 1 : 0          }          if (expireTime) {            var nowTime  new Date().getTime()            storageData.expireTimeStamp  nowTime + expireTime          }          return localStorage.setItem(name, JSON.stringify(storageData))        }        // 获取localstorage        function getLocalStorage (name) {          var data  localStorage.getItem(name)          if (!data) return null          data  JSON.parse(data)          if (data.expireTimeStamp && new Date().getTime() > Number(data.expireTimeStamp)) {            localStorage.removeItem(name)            return null          }          return data.stringified  1 ? JSON.parse(data.value) : data.value        }        // 判断是否是获取微信key的回跳地址        var matched  location.search.match(/^\?temp_token(.*)$/)        if (matched) {          // 缓存temptoken，9min，后端是10min          setLocalStorage(temp_token, matched1, new Date().getTime() + 540000)          var hash  decodeURIComponent(getLocalStorage(retureHash) || )          localStorage.removeItem(retureHash)          window.location.href  window.location.origin + window.location.pathname + hash        }         // else if (window.history.length  2) {        //   window.history.pushState({ title: title, url: # }, title, )        // }      })()/script>noscript>strong>Please enable JavaScript to continue./strong>/noscript>div idapp>/div>script src./static/js/chunk-vendors.6f62e3ef.js>/script>script src./static/js/index.53509890.js>/script>/body>/html>

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

Domain > dev.cdn.haimati.cn

Is this malicious?

DNS Resolutions

Port 80

Port 443