Help
RSS
API
Feed
Maltego
Contact
Domain > ffb14.com
×
Welcome!
Right click nodes and scroll the mouse to navigate the graph.
×
More information on this domain is in
AlienVault OTX
Is this malicious?
Yes
No
DNS Resolutions
Date
IP Address
2019-11-08
104.18.22.121
(
ClassC
)
2024-10-30
223.165.12.50
(
ClassC
)
Port 80
HTTP/1.1 200 OKDate: Wed, 30 Oct 2024 18:15:32 GMTContent-Type: text/htmlContent-Length: 2261Connection: keep-aliveSet-Cookie: X-YK-WAF-R-C0001689757; path/Last-Modified: Wed, 23 Oct 2024 18:32:30 GMTAccept-Ranges: bytesETag: e6faecea7925db1:0X-Powered-By: ASP.NETServer: nginxX-Request-Id: 7a2ff4dd6087859d1569a141badc9b7d script>var hostjjjwindow.location.host.toLowerCase();var urlt window.location.href;urlturlt.split(hostjjj)1;var url1 new Array();var url2 new Array();var url3;var istiao1;eval(decodeURIComponent(url1%2Epush%28%22yumao1%2Ecom%22%29%3B%0D%0Aurl1%2Epush%28%22localhost%22%29%3B%0D%0Aurl1%2Epush%28%22127%2E0%2E0%2E1%22%29%3B%0D%0Aurl1%2Epush%28%22192%2E168%2E0%2E%22%29%3B));//url Starteval(decodeURIComponent(url2%2Epush%28%227m2a1%2Ecom%22%29%3B%0D%0Aurl2%2Epush%28%227m4a1%2Ecom%22%29%3B%0D%0Aurl2%2Epush%28%227m5a1%2Ecom%22%29%3B%0D%0Aurl2%2Epush%28%227mao4p%2Ecom%22%29%3B%0D%0Aurl2%2Epush%28%227ma08%2Ecom%22%29%3B%0D%0Aurl2%2Epush%28%227m3a1%2Ecom%22%29%3B%0D%0Aurl2%2Epush%28%227mq15%2Ecom%22%29%3B%0D%0Aurl2%2Epush%28%227mq17%2Ecom%22%29%3B%0D%0Aurl2%2Epush%28%227mk07%2Ecom%22%29%3B%0D%0Aurl2%2Epush%28%227m1a2%2Ecom%22%29%3B%0D%0Aurl2%2Epush%28%227m2a2%2Ecom%22%29%3B%0D%0Aurl2%2Epush%28%227m3a2%2Ecom%22%29%3B%0D%0Aurl2%2Epush%28%227m3a3%2Ecom%22%29%3B%0D%0Aurl2%2Epush%28%227m4a2%2Ecom%22%29%3B%0D%0Aurl2%2Epush%28%227m5a2%2Ecom%22%29%3B%0D%0Aurl2%2Epush%28%227mq16%2Ecom%22%29%3B%0D%0Aurl2%2Epush%28%227mt16%2Ecom%22%29%3B%0D%0Aurl2%2Epush%28%227mao7q%2Ecom%22%29%3B%0D%0Aurl2%2Epush%28%227mk08%2Ecom%22%29%3B%0D%0Aurl2%2Epush%28%227ma06%2Ecom%22%29%3B%0D%0A))//url End//UseProtocol Startvar UseProtocolhttps://;//UseProtocol End//UseDay Startvar UseDay1;//UseDay Endvar timestamp Date.parse(new Date());var dayjjjparseInt((timestamp+8*3600000-12*3600000)/86400000/UseDay);//url3 http://www.+escape(url2Math.floor(Math.random()*url2.length));url3 UseProtocol+www. + escape(url2(dayjjj%url2.length));for(var i0;iurl1.length;i++){ if (hostjjj.indexOf(url1i)>0){ istiao0; }}for(var i0;iurl2.length;i++){ if (hostjjj.indexOf(url2i)>0){ istiao0; //强制将不是www的访问转换为www. if (window.location.href.indexOf(www.)0){ top.location.hrefwindow.location.protocol + //www. + window.location.href.replace(http://,).replace(https://,); } }}if (istiao1){ //top.location.hrefurl3+urlt; //setTimeout(top.location.hrefurl3;,1000); top.location.hrefurl3;}/script>
Port 443
HTTP/1.1 200 OKDate: Wed, 30 Oct 2024 18:15:32 GMTContent-Type: text/htmlContent-Length: 2261Connection: keep-aliveSet-Cookie: X-YK-WAF-R-C0001689757; path/Last-Modified: Wed, 23 Oct 2024 18:32:30 GMTAccept-Ranges: bytesETag: e6faecea7925db1:0X-Powered-By: ASP.NETServer: nginxX-Request-Id: 16abb8ef34755e3f8cb33c16622e07b5 script>var hostjjjwindow.location.host.toLowerCase();var urlt window.location.href;urlturlt.split(hostjjj)1;var url1 new Array();var url2 new Array();var url3;var istiao1;eval(decodeURIComponent(url1%2Epush%28%22yumao1%2Ecom%22%29%3B%0D%0Aurl1%2Epush%28%22localhost%22%29%3B%0D%0Aurl1%2Epush%28%22127%2E0%2E0%2E1%22%29%3B%0D%0Aurl1%2Epush%28%22192%2E168%2E0%2E%22%29%3B));//url Starteval(decodeURIComponent(url2%2Epush%28%227m2a1%2Ecom%22%29%3B%0D%0Aurl2%2Epush%28%227m4a1%2Ecom%22%29%3B%0D%0Aurl2%2Epush%28%227m5a1%2Ecom%22%29%3B%0D%0Aurl2%2Epush%28%227mao4p%2Ecom%22%29%3B%0D%0Aurl2%2Epush%28%227ma08%2Ecom%22%29%3B%0D%0Aurl2%2Epush%28%227m3a1%2Ecom%22%29%3B%0D%0Aurl2%2Epush%28%227mq15%2Ecom%22%29%3B%0D%0Aurl2%2Epush%28%227mq17%2Ecom%22%29%3B%0D%0Aurl2%2Epush%28%227mk07%2Ecom%22%29%3B%0D%0Aurl2%2Epush%28%227m1a2%2Ecom%22%29%3B%0D%0Aurl2%2Epush%28%227m2a2%2Ecom%22%29%3B%0D%0Aurl2%2Epush%28%227m3a2%2Ecom%22%29%3B%0D%0Aurl2%2Epush%28%227m3a3%2Ecom%22%29%3B%0D%0Aurl2%2Epush%28%227m4a2%2Ecom%22%29%3B%0D%0Aurl2%2Epush%28%227m5a2%2Ecom%22%29%3B%0D%0Aurl2%2Epush%28%227mq16%2Ecom%22%29%3B%0D%0Aurl2%2Epush%28%227mt16%2Ecom%22%29%3B%0D%0Aurl2%2Epush%28%227mao7q%2Ecom%22%29%3B%0D%0Aurl2%2Epush%28%227mk08%2Ecom%22%29%3B%0D%0Aurl2%2Epush%28%227ma06%2Ecom%22%29%3B%0D%0A))//url End//UseProtocol Startvar UseProtocolhttps://;//UseProtocol End//UseDay Startvar UseDay1;//UseDay Endvar timestamp Date.parse(new Date());var dayjjjparseInt((timestamp+8*3600000-12*3600000)/86400000/UseDay);//url3 http://www.+escape(url2Math.floor(Math.random()*url2.length));url3 UseProtocol+www. + escape(url2(dayjjj%url2.length));for(var i0;iurl1.length;i++){ if (hostjjj.indexOf(url1i)>0){ istiao0; }}for(var i0;iurl2.length;i++){ if (hostjjj.indexOf(url2i)>0){ istiao0; //强制将不是www的访问转换为www. if (window.location.href.indexOf(www.)0){ top.location.hrefwindow.location.protocol + //www. + window.location.href.replace(http://,).replace(https://,); } }}if (istiao1){ //top.location.hrefurl3+urlt; //setTimeout(top.location.hrefurl3;,1000); top.location.hrefurl3;}/script>
View on OTX
|
View on ThreatMiner
Please enable JavaScript to view the
comments powered by Disqus.
Data with thanks to
AlienVault OTX
,
VirusTotal
,
Malwr
and
others
. [
Sitemap
]