Domain > 032232.com

More information on this domain is in AlienVault OTX

DNS Resolutions

Date	IP Address
2019-06-22	148.153.36.254 (ClassC)
2024-11-20	45.205.13.56 (ClassC)

HTTP/1.1 200 OKAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,RangeAccess-Control-Allow-Methods: GET, POST, OPTIONSAccess-Control-Allow-Origin: *Content-Type: text/htmlDate: Wed, 20 Nov 2024 18:02:21 GMTEtag: W/672d60cf-313fExpires: Wed, 20 Nov 2024 18:09:17 GMTLast-Modified: Wed, 20 Nov 2024 17:56:17 GMTServer: openrestyStrict-Transport-Security: max-age31536000Vary: Accept-EncodingX-Cache: HIT, policy, diskTransfer-Encoding: chunked

!DOCTYPE html>html langcn>head>    meta charsetUTF-8/>    script typetext/javascript async srchttps://s4.cnzz.com/z.js?id1281383308>/script>script typetext/javascript async srchttps://s4.cnzz.com/z.js?id1281383309>/script>    meta            nameviewport            contentmaximum-scale1.0,minimum-scale1.0,user-scalable0,widthdevice-width,initial-scale1.0,viewport-fitcover    />    meta nametheme-color content#111618/>    title>/title>    meta            propertyog:description            namedescription            iddescription            content    />    meta http-equivContent-Type contenttext/html; charsetUTF-8/>    meta            nameviewport            contentwidthdevice-width,initial-scale1,user-scalableno    />    script typetext/javascript src/js/jquery.min.js>/script>    script typetext/javascript src/js/qrcode.min.js>/script>    script typetext/javascript src/js/crypto-js.min.js>/script>    script typetext/javascript src/js/aes.min.js>/script>    script typetext/javascript src/js/enc-utf8.min.js>/script>    link idfavicon relicon/>    style>        html {            background: #050505;            text-align: center;        }        body {            margin: 0;            color: #fff;        }        #body {            max-width: 500px;            height: 100vh;            background: #333;            margin: 0 auto;            position: relative;            font-size: 14px;            overflow-y: auto;        }        #body * {            box-sizing: border-box;        }        #body p {            margin: 5px 0;        }        #body .top {            padding: 30px 0 0 0;            background: #000;        }        #body .foot {            padding: 20px 20px 60px;            font-size: 15px;        }        #body .foot b {            color: #ffd07d;        }        #body .foot p {            margin: 10px 0;        }        #body .color {            color: #6dc1fe;        }        #body .text-color {            background-size: 400% 400%;            background-image: linear-gradient(                    to left,                    #6dc1fe,                    #ff8000,                    #fff200,                    #51ff00,                    #00d0ff,                    #9000ff,                    #ff008c            );            -webkit-background-clip: text;            animation: text-color 5s ease infinite;            color: transparent;            margin: 0 5px;        }        #body .logo {            width: 60px;            height: 60px;            margin: 10px auto;        }        #body .logo img {            width: 100%;            height: 100%;            object-fit: cover;            border-radius: 6px;        }        #body .main {            margin: 10px;            background: #222;            border-radius: 10px;            padding: 10px;            font-size: 14px;        }        #body .main .domain {            margin: 10px;            background: #000;            padding: 9px 2px;            border-radius: 20px;        }        #body .main .domain a {            color: #6dc1fe;            text-decoration: none;        }        #body .tips {            padding: 10px;            text-align: left;        }        #body .tips .li {            padding: 5px 0;        }        #body .tips p {            margin: 2px 0 0 1em;        }        #body .ar1 {            font-size: 10px;            opacity: 0.7;            margin: 0 0 -3px 0;        }        #body .ar2 {            font-size: 16px;        }        #body .qrcode {            width: 150px;            height: 150px;            border: 2px solid #6dc1fe;            margin: 20px auto;            background: #fff;            border-radius: 5px;        }        #body .qrcode img,        #body .qrcode canvas {            width: 100%;            height: 100%;        }        #domainContent{            text-align: center;        }        .navigation-buttons {            display: flex;            flex-direction: row;            justify-content: space-around;            margin-top: 30px;        }        .btn {            flex: none;            width: 150px;            padding: 12px 15px;            font-size: 14px;            font-weight: bold;            text-align: center;            color: #fff;            background: linear-gradient(45deg, #6dc1fe, #009cfa);            border-radius: 20px;            cursor: pointer;            transition: all 0.3s ease;            box-shadow: 0 4px 6px rgba(0, 0, 0, 0.1);            text-transform: uppercase;        }        .btn:hover {            transform: translateY(-2px);            box-shadow: 0 6px 8px rgba(0, 0, 0, 0.15);            background: linear-gradient(45deg, #ff8000, #6dc1fe);        }        .btn:active {            transform: translateY(1px);            box-shadow: 0 2px 4px rgba(0, 0, 0, 0.1);        }        @keyframes text-color {            0% { background-position: 0% 50%; }            50% { background-position: 100% 50%; }            100% { background-position: 0% 50%; }        }        @-moz-keyframes text-color {            0% {                background-position: 0% 50%;            }            50% {                background-position: 100% 50%;            }        }        @-webkit-keyframes text-color {            0% {                background-position: 0% 50%;            }            50% {                background-position: 100% 50%;            }        }        @-o-keyframes text-color {            0% {                background-position: 0% 50%;            }            50% {                background-position: 100% 50%;            }        }        @keyframes text-color {            0% {                background-position: 0% 50%;            }            50% {                background-position: 100% 50%;            }        }    /style>/head>body>div idbody>    div classtop>        div classlogo>img idlogo/>/div>        div classmain>            p idtitle>/p>            div classqrcode idqrcode>/div>            div classdomain styletext-align: left;>                span iddomainContent classcolor>/span>            /div>        /div>        div classtips styletext-align: left;>            span idwordContent>/span>        /div>        div classarrow>            div classar1 color>▼/div>            div classar2 color>▼/div>        /div>    /div>    div classfoot>        p>span>完成/span>b>屏幕截图/b>/p>        p>          span classtext-color          >页面跳转倒计时span idcountDown>/span>秒/span>        /p>        div classnavigation-buttons>            div classbtn first>进入本站/div>            div classbtn second>进入极速纯净版/div>        /div>    /div>/div>script srcconfig.js>/script>script>    var interval;    /**     * 业务公共解密方法     * @param {any} data - 传入的包含加密数据的对象     * @param {string} secretKey - 用于解密的密钥（Base64格式）     * @returns {any} - 解密后的JSON对象或原始数据     */    // 解密    function aesDe(ciphertext) {        // 检查输入参数        if (!ciphertext) {            console.warn(解密失败：输入的密文不能为空)            return ciphertext        }        try {            const keyBytes  CryptoJS.enc.Utf8.parse(zH3JDuCRXVGa3na7xbOqpx1bw6DAkbTP)            const decrypted  CryptoJS.AES.decrypt(ciphertext, keyBytes, {                iv: keyBytes,                mode: CryptoJS.mode.CBC,                padding: CryptoJS.pad.Pkcs7            })            return CryptoJS.enc.Utf8.stringify(decrypted)        } catch (error) {            console.error(`解密失败：${error}`)            return         }    }    // 加密    // function aesEn(obj) {    //     let encrypt  CryptoJS.AES.encrypt(    //         CryptoJS.enc.Utf8.parse(obj),    //         CryptoJS.enc.Utf8.parse(6E31ECDEF3EEC0E6),    //         {    //             mode: CryptoJS.mode.ECB,    //             padding: CryptoJS.pad.Pkcs7    //         }    //     );    //     return encrypt.toString();    // }    // 随机选择并调用 jsonApiList 中的一个域名    function getRandomJsonApi(jsonApiList) {        if (!Array.isArray(jsonApiList) || jsonApiList.length  0) {            console.warn(jsonApiList 为空或不是一个有效的数组);            return null;        }        const randomIndex  Math.floor(Math.random() * jsonApiList.length);        return jsonApiListrandomIndex;    }    function getJsonData() {        const domainUrl  window.location.origin;        let domainName  window.location.hostname;        const tenantId  window.config?.tenantId || 1;        const webSiteId  window.config?.webSiteId || 1;        const templateId  window.config?.templateId || 1;        let url          // 如果是测试环境或者开发环境        if (domainUrl.includes(localhost) || domainUrl.includes(test)) {            if (domainUrl.includes(localhost)) {                domainName  test.mediadiversion.dfre45.com            }            url  `http://mediajson.dfre45.com/pages/nav/${tenantId}/${webSiteId}/${templateId}/result.json`            // http://mediajson.dfre45.com/pages/nav/1/1/1/result.json        } else {            const jsonApiList  window.config?.jsonApiList;            const randomApi  getRandomJsonApi(jsonApiList);            url  `${randomApi}/pages/nav/${tenantId}/${webSiteId}/${templateId}/result.json`;        }        // 获取接口数据        fetch(url)            .then(response > response.text())            .then(res > {                if (!res) return;                let jsonData  null                try {                    jsonData  JSON.parse(res)                    if (jsonData?.json_data) {                        const info  aesDe(jsonData.json_data)                        console.log(JSON.parse(info));                        initPage(JSON.parse(info))                    }                } catch (error) {                    console.error(解析json数据失败, error)                }            })    }    function initPage(resData) {        const adDomains  resData?.adDomains;        const adDomain  adDomainsMath.floor(Math.random() * adDomains.length);        const logoUrl  adDomain + resData?.logo; // logo        document.getElementById(logo).setAttribute(src, logoUrl); //logo        document.getElementById(title).innerHTML  resData?.title; // 提醒文字        var qrcode  new QRCode(document.getElementById(qrcode), {            width: 150,            height: 150,            useSVG: true,        });        qrcode.makeCode(resData?.qrDomain); // 二维码        document.getElementById(domainContent).innerHTML  decodeURIComponent(resData?.domainContent); //域名文字        document.getElementById(wordContent).innerHTML  decodeURIComponent(resData?.wordContent); //文字描述        document.getElementById(countDown).innerHTML  resData?.countDown; //倒计时        if (resData?.jumpDomain){            document.querySelector(.navigation-buttons .btn.first).addEventListener(click, function () {                clearInterval(interval);                window.location.href  resData.jumpDomain;            });        }        if (resData?.jumpDomain2){            document.querySelector(.navigation-buttons .btn.second).addEventListener(click, function () {                clearInterval(interval);                window.location.href  resData.jumpDomain2;            });        }else{            document.querySelector(.navigation-buttons .btn.second).style.display  none;        }        interval  setInterval(() > {            var countDown  document.getElementById(countDown);            if (countDown.innerHTML  0) {                clearInterval(interval);                window.location.href  resData.jumpDomain;            } else {                countDown.innerHTML - 1;            }        }, 1000);    }    getJsonData()/script>/body>/html>

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

Domain > 032232.com

Is this malicious?

DNS Resolutions

Port 443