Help
RSS
API
Feed
Maltego
Contact
Domain > 194621.com
×
More information on this domain is in
AlienVault OTX
Is this malicious?
Yes
No
DNS Resolutions
Date
IP Address
2019-06-07
119.28.56.118
(
ClassC
)
2025-01-14
76.223.65.192
(
ClassC
)
Port 443
HTTP/1.1 200 OKAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,RangeAccess-Control-Allow-Methods: GET, POST, OPTIONSAccess-Control-Allow-Origin: *Content-Type: text/htmlDate: Tue, 14 Jan 2025 13:22:40 GMTEtag: W/67651277-35dcLast-Modified: Fri, 20 Dec 2024 06:45:11 GMTServer: openrestyStrict-Transport-Security: max-age31536000Vary: Accept-EncodingX-Cache: UPDATINGTransfer-Encoding: chunked !DOCTYPE html>html langcn>head> meta charsetUTF-8/> script typetext/javascript async srchttps://v1.cnzz.com/z.js?id1281386029>/script>script typetext/javascript async srchttps://s9.cnzz.com/z.js?id1281386030>/script> meta nameviewport contentmaximum-scale1.0,minimum-scale1.0,user-scalable0,widthdevice-width,initial-scale1.0,viewport-fitcover /> meta nametheme-color content#111618/> title>/title> meta propertyog:description namedescription iddescription content /> meta http-equivContent-Type contenttext/html; charsetUTF-8/> meta nameviewport contentwidthdevice-width,initial-scale1,user-scalableno /> script typetext/javascript src/js/jquery.min.js>/script> script typetext/javascript src/js/qrcode.min.js>/script> script typetext/javascript src/js/crypto-js.min.js>/script> script typetext/javascript src/js/aes.min.js>/script> script typetext/javascript src/js/enc-utf8.min.js>/script> link idfavicon relicon/> style> html { background: #050505; text-align: center; } body { margin: 0; color: #fff; } #body { max-width: 500px; height: 100vh; background: #333; margin: 0 auto; position: relative; font-size: 14px; overflow-y: auto; } #body * { box-sizing: border-box; } #body p { margin: 5px 0; } #body .top { padding: 30px 0 0 0; background: #000; } #body .foot { padding: 20px 20px 60px; font-size: 15px; } #body .foot b { color: #ffd07d; } #body .foot p { margin: 10px 0; } #body .color { color: #6dc1fe; } #body .text-color { background-size: 400% 400%; background-image: linear-gradient( to left, #6dc1fe, #ff8000, #fff200, #51ff00, #00d0ff, #9000ff, #ff008c ); -webkit-background-clip: text; animation: text-color 5s ease infinite; color: transparent; margin: 0 5px; } #body .logo { width: 60px; height: 60px; margin: 10px auto; } #body .logo img { width: 100%; height: 100%; object-fit: cover; border-radius: 6px; } #body .main { margin: 10px; background: #222; border-radius: 10px; padding: 10px; font-size: 14px; } #body .main .domain { margin: 10px; background: #000; padding: 9px 2px; border-radius: 20px; } #body .main .domain a { color: #6dc1fe; text-decoration: none; } #body .tips { padding: 10px; text-align: left; } #body .tips .li { padding: 5px 0; } #body .tips p { margin: 2px 0 0 1em; } #body .ar1 { font-size: 10px; opacity: 0.7; margin: 0 0 -3px 0; } #body .ar2 { font-size: 16px; } #body .qrcode { width: 150px; height: 150px; border: 2px solid #6dc1fe; margin: 20px auto; background: #fff; border-radius: 5px; } #body .qrcode img, #body .qrcode canvas { width: 100%; height: 100%; } #domainContent{ text-align: center; } .navigation-buttons { display: flex; flex-direction: row; justify-content: space-around; margin-top: 30px; } .btn { flex: none; width: 150px; padding: 12px 15px; font-size: 14px; font-weight: bold; text-align: center; color: #fff; background: linear-gradient(45deg, #6dc1fe, #009cfa); border-radius: 20px; cursor: pointer; transition: all 0.3s ease; box-shadow: 0 4px 6px rgba(0, 0, 0, 0.1); text-transform: uppercase; } .btn:hover { transform: translateY(-2px); box-shadow: 0 6px 8px rgba(0, 0, 0, 0.15); background: linear-gradient(45deg, #ff8000, #6dc1fe); } .btn:active { transform: translateY(1px); box-shadow: 0 2px 4px rgba(0, 0, 0, 0.1); } @keyframes text-color { 0% { background-position: 0% 50%; } 50% { background-position: 100% 50%; } 100% { background-position: 0% 50%; } } @-moz-keyframes text-color { 0% { background-position: 0% 50%; } 50% { background-position: 100% 50%; } } @-webkit-keyframes text-color { 0% { background-position: 0% 50%; } 50% { background-position: 100% 50%; } } @-o-keyframes text-color { 0% { background-position: 0% 50%; } 50% { background-position: 100% 50%; } } @keyframes text-color { 0% { background-position: 0% 50%; } 50% { background-position: 100% 50%; } } /style>/head>body>div idbody> div classtop> div classlogo>img idlogo/>/div> div classmain> p idtitle>/p> div classqrcode idqrcode>/div> div classdomain styletext-align: left;> span iddomainContent classcolor>/span> /div> /div> div classtips styletext-align: left;> span idwordContent>/span> /div> div classarrow> div classar1 color>▼/div> div classar2 color>▼/div> /div> /div> div classfoot> p>span>完成/span>b>屏幕截图/b>/p> p> span classtext-color >页面跳转倒计时span idcountDown>/span>秒/span> /p> div classnavigation-buttons> div classbtn first>进入本站/div> div classbtn second>进入极速纯净版/div> /div> /div>/div>script srcconfig.js>/script>script> var interval; /** * 业务公共解密方法 * @param {any} data - 传入的包含加密数据的对象 * @param {string} secretKey - 用于解密的密钥(Base64格式) * @returns {any} - 解密后的JSON对象或原始数据 */ // 解密 function aesDe(ciphertext) { // 检查输入参数 if (!ciphertext) { console.warn(解密失败:输入的密文不能为空) return ciphertext } try { const keyBytes CryptoJS.enc.Utf8.parse(zH3JDuCRXVGa3na7xbOqpx1bw6DAkbTP) const decrypted CryptoJS.AES.decrypt(ciphertext, keyBytes, { iv: keyBytes, mode: CryptoJS.mode.CBC, padding: CryptoJS.pad.Pkcs7 }) return CryptoJS.enc.Utf8.stringify(decrypted) } catch (error) { console.error(`解密失败:${error}`) return } } // 加密 // function aesEn(obj) { // let encrypt CryptoJS.AES.encrypt( // CryptoJS.enc.Utf8.parse(obj), // CryptoJS.enc.Utf8.parse(6E31ECDEF3EEC0E6), // { // mode: CryptoJS.mode.ECB, // padding: CryptoJS.pad.Pkcs7 // } // ); // return encrypt.toString(); // } // 随机选择并调用 jsonApiList 中的一个域名 function getRandomJsonApi(jsonApiList) { if (!Array.isArray(jsonApiList) || jsonApiList.length 0) { console.warn(jsonApiList 为空或不是一个有效的数组); return null; } const randomIndex Math.floor(Math.random() * jsonApiList.length); return jsonApiListrandomIndex; } function getJsonData() { const domainUrl window.location.origin; let domainName window.location.hostname; const tenantId window.config?.tenantId || 1; const webSiteId window.config?.webSiteId || 1; const templateId window.config?.templateId || 1; let url // 如果是测试环境或者开发环境 if (domainUrl.includes(localhost) || domainUrl.includes(test)) { if (domainUrl.includes(localhost)) { domainName test.mediadiversion.dfre45.com } url `http://mediajson.dfre45.com/pages/nav/${tenantId}/${webSiteId}/${templateId}/result.json` // http://mediajson.dfre45.com/pages/nav/1/1/1/result.json } else { const jsonApiList window.config?.jsonApiList; const randomApi getRandomJsonApi(jsonApiList); url `${randomApi}/pages/nav/${tenantId}/${webSiteId}/${templateId}/result.json`; } // 获取接口数据 fetch(url) .then(response > response.text()) .then(res > { if (!res) return; let jsonData null try { jsonData JSON.parse(res) if (jsonData?.json_data) { const info aesDe(jsonData.json_data) console.log(JSON.parse(info)); initPage(JSON.parse(info)) } } catch (error) { console.error(解析json数据失败, error) } }) } // 随机取一个数组内的值 const getRandomValue (arr, ipNum 0) > { if (!Array.isArray(arr) || arr.length 0) { return null; // 如果不是数组或数组为空,返回 null } const maxArr const miniArr let returnObg {} for (let i 0; i arr.length; i++) { const element arri; if (arri.num > ipNum) { maxArr.push(arri) } else { miniArr.push(arri) } } if (miniArr.length) { returnObg miniArrMath.floor(Math.random() * miniArr.length) } else { returnObg arrMath.floor(Math.random() * miniArr.length) } return returnObg // const randomIndex Math.floor(Math.random() * arr.length); // 生成随机索引 // return arrrandomIndex; // 返回随机值 }; function initPage(resData) { const adDomains resData?.adDomains; const adDomain adDomainsMath.floor(Math.random() * adDomains.length); const logoUrl adDomain + resData?.logo; // logo document.getElementById(logo).setAttribute(src, logoUrl); //logo document.getElementById(title).innerHTML resData?.title; // 提醒文字 var qrcode new QRCode(document.getElementById(qrcode), { width: 150, height: 150, useSVG: true, }); qrcode.makeCode(resData?.qrDomain); // 二维码 document.getElementById(domainContent).innerHTML decodeURIComponent(resData?.domainContent); //域名文字 document.getElementById(wordContent).innerHTML decodeURIComponent(resData?.wordContent); //文字描述 document.getElementById(countDown).innerHTML resData?.countDown; //倒计时 const ipNum resData?.ipNum || 0 const jumpDomainRandom getRandomValue(resData?.jumpList, ipNum); console.log(jumpDomainRandom); if (jumpDomainRandom){ document.querySelector(.navigation-buttons .btn.first).addEventListener(click, function () { clearInterval(interval); window.location.href jumpDomainRandom?.jumpDomain+?keydiversion//resData.jumpDomain; }); } if (resData?.jumpDomain2){ document.querySelector(.navigation-buttons .btn.second).addEventListener(click, function () { clearInterval(interval); window.location.href resData?.jumpDomain2; }); }else{ document.querySelector(.navigation-buttons .btn.second).style.display none; } interval setInterval(() > { var countDown document.getElementById(countDown); if (countDown.innerHTML 0) { clearInterval(interval); window.location.href jumpDomainRandom?.jumpDomain+?keydiversion //resData.jumpDomain; } else { countDown.innerHTML - 1; } }, 1000); } getJsonData()/script>/body>/html>
View on OTX
|
View on ThreatMiner
Please enable JavaScript to view the
comments powered by Disqus.
Data with thanks to
AlienVault OTX
,
VirusTotal
,
Malwr
and
others
. [
Sitemap
]