Domain > 3344.ljbprod.site

More information on this domain is in AlienVault OTX

DNS Resolutions

Date	IP Address
2024-06-01	18.172.122.124 (ClassC)
2024-06-01	18.172.122.29 (ClassC)
2026-01-27	3.175.34.27 (ClassC)

HTTP/1.1 200 OKContent-Type: text/htmlContent-Length: 4800Connection: keep-aliveServer: openrestyDate: Tue, 27 Jan 2026 06:33:03 GMTAccess-Control-Allow-Origin: *Vary: Accept-EncodingLast-Modified: Mon, 27 Nov 2023 08:31:00 GMTx-amz-version-id: 47_5n13QXazLilllmURC9fvgIOGupnR8ETag: 6b2c8d45271d8fbdbf2883e9afbad46dX-Cache: Miss from cloudfrontVia: 1.1 c03a4954a1bffe652f0bc5bc615a5530.cloudfront.net (CloudFront)X-Amz-Cf-Pop: HIO52-P3X-Amz-Cf-Id: 7DewU12hVxiTTiRuuobsVv2QOE0jS5GL2B5iyX-2j7DqVRHqCXNeDA

!DOCTYPE html>html langen>head>    meta charsetUTF-8>    title>跳转中.../title>/head>body>script typetext/javascript>    // 获取URL参数    function getParam(name) {        var reg  new RegExp((^|&) + name + (^&*)(&|$), i);        var r  window.location.search.substr(1).match(reg);        if (r ! null) return unescape(r2);        return null;    }    // 自动跳转    let os  function () {        var ua  navigator.userAgent,            isWindowsPhone  /(?:Windows Phone)/.test(ua),            isSymbian  /(?:SymbianOS)/.test(ua) || isWindowsPhone,            isAndroid  /(?:Android)/.test(ua),            isFireFox  /(?:Firefox)/.test(ua),            isChrome  /(?:Chrome|CriOS)/.test(ua),            isTablet  /(?:iPad|PlayBook)/.test(ua) || (isAndroid && !/(?:Mobile)/.test(ua)) || (isFireFox && /(?:Tablet)/.test(ua)),            isPhone  /(?:iPhone)/.test(ua) && !isTablet,            isPc  !isPhone && !isAndroid && !isSymbian;        return {            isTablet: isTablet,            isPhone: isPhone,            isAndroid: isAndroid,            isPc: isPc,            isMobile: isPhone || isAndroid        };    }();    let remainUrl      searchUrl  location.search.substr(1);    hashUrl  location.hash.substr(1);    if (searchUrl) {        remainUrl + ? + searchUrl    }    if(hashUrl) {        remainUrl + # + hashUrl    }    platformType  getParam(type) // app type    channelId  getParam(channelId) // channelId    urlHasPc  /(\/pc\/)/.test(window.location.href);    urlHasMobile  /(\/mobile\/)/.test(window.location.href);    // const apiUrl  https://www.hyzhuan.com/; // online    // default 2.0    let pc  pc2    let mobile  mobile3    platformType  3 // default 2.0    // // check domain version, only for net cash domain    // if (platformType  null && channelId  null && getDomainVer(apiUrl)  2) {    //     pc  pc2    //     mobile  mobile3    // } else {    //     // support H5 domain    //     if(platformType  3) {    //         pc  pc2    //         mobile  mobile3    //     } else if(platformType  2) {    //         pc  pc    //         mobile  mobile2    //     }    // }    //    // // check channelId    // if(platformType ! 3 && channelId ! null && getChannelVer(apiUrl, channelId)  2) {    //     pc  pc2    //     mobile  mobile3    // }    let result    if (!urlHasPc && !urlHasMobile) {        if(os.isPc) {            location.href  /+pc+/ + remainUrl        } else if(os.isMobile){            if(platformType  2) {                location.href  /mobile2/ + remainUrl            } else {                location.href  /+mobile+/ + remainUrl            }        }    }    if (os.isPc && urlHasMobile)  {        location.href  /+pc+/ + remainUrl    }    if (os.isMobile && urlHasPc)  {        if(platformType  2) {            location.href  /mobile2/ + remainUrl        } else {            location.href  /+mobile+/ + remainUrl        }    }    // check channel version    function getChannelVer(url, channelId) {        try {            let res  httpPost(url + v1/config/getChannelVersion, ChannelId+channelId)            if (resDataErrCode  1 && resDataVersion  2.0) {                return 2            }        } catch (e) {            console.log(getChannelVer error>, e)        }        return 1    }    // check domain version    function getDomainVer(url) {        try {            let res  httpPost(url + v1/config/getH5Domain, Domain+window.location.host)            if (resDataErrCode  1 && resDataVersion  2.0) {                return 2            }        } catch (e) {            console.log(getDomainVer error>, e)        }        return 1    }    // make request    function httpPost(url, ops) {        console.log(httpPost>, url, ops);        let data  {}        let xhr  new XMLHttpRequest();        xhr.open(POST, url, false); // false表示同步请求        xhr.setRequestHeader(Content-type, application/x-www-form-urlencoded);        xhr.onreadystatechange  function (e) {            if (xhr.readyState  4 && xhr.status  200) {                data  JSON.parse(xhr.responseText)                console.log(responseText>, data);            } else {                console.log(error>, e);            }        };        xhr.send(ops);        return data    }/script>/body>/html>

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

Domain > 3344.ljbprod.site

Is this malicious?

DNS Resolutions

Port 80

Port 443