Domain > fdgfdg43543.icu
More information on this domain is in
AlienVault OTX
DNS Resolutions
Date
IP Address
2025-11-20
18.163.136.16
(
ClassC
)
2025-11-25
18.166.82.90
(
ClassC
)
Port 80
HTTP/1.1 301 Moved PermanentlyServer: openrestyDate: Tue, 25 Nov 2025 02:18:55 GMTContent-Type: text/htmlContent-Length: 166Connection: keep-aliveLocation: https://fdgfdg43543.icu/ html>head>title>301 Moved Permanently/title>/head>body>center>h1>301 Moved Permanently/h1>/center>hr>center>openresty/center>/body>/html>
Port 443
HTTP/1.1 200 OKServer: openrestyDate: Tue, 25 Nov 2025 02:18:55 GMTContent-Type: text/html; charsetutf-8Content-Length: 9975Connection: keep-aliveVary: Accept-Encodingx-amz-id-2: LW5ErfrJmwelQXDV4OR88mnwg+HjTbVdvRLfau3O63OVq/QjTMiTPNy7ndfKGNbYJCjwEsNbgVcx-amz-request-id: FR0MHEXMHBV09J5Xx-amz-replication-status: COMPLETEDLast-Modified: Fri, 21 Nov 2025 06:57:08 GMTETag: db9299095a4c79049435c4f2f7913b9cx-amz-server-side-encryption: AES256x-amz-version-id: TAf3HP65Vpk3WaBxPXa3MyKnkKhyUhs.Accept-Ranges: bytesCache-Control: no-store, no-cache, must-revalidate, proxy-revalidatePragma: no-cacheExpires: 0 !DOCTYPE HTML>style> .new-alert-box p,body{margin:0}.new-alert-btn,a{text-decoration:none}body{padding:0;background:#e6eaeb;font-family:Arial,微软雅黑,宋体,sans-serif}a{color:#7b7b7b}.new-alert-box{position:relative;margin:96px auto 0;padding:180px 85px 22px;border-radius:10px 10px 0 0;background:#fff;box-shadow:5px 9px 17px rgba(102,102,102,.75);width:286px;color:#fff;text-align:center}.new-alert-btn,.new-alert-btn:hover{background-color:#ff5656}.new-alert-circle{position:absolute;top:-50px;left:111px}.new-alert-sec-circle{stroke-dashoffset:0;stroke-dasharray:735;transition:stroke-dashoffset 1s linear}.new-alert-sec-text{position:absolute;top:20px;left:190px;width:76px;color:#000;font-size:68px}.new-alert-sec-unit{font-size:34px}.new-alert-body{margin:35px 0 30px}.new-alert-head{color:#242424;font-size:28px}.new-alert-concent{margin:25px 0 14px;color:#7b7b7b;font-size:18px}.new-alert-concent p{line-height:27px}.new-alert-btn{display:block;border-radius:10px;height:55px;line-height:55px;width:286px;color:#fff;font-size:20px;letter-spacing:2px}.new-alert-footer{margin:0 auto 10px;height:42px;text-align:center;width:100%}.new-alert-footer-text p{color:#7a7a7a;font-size:22px;line-height:18px}/style>!doctype html>html langzh>head> meta charsetutf-8> meta nameviewport contentwidthdevice-width,initial-scale1,minimum-scale1,maximum-scale1,user-scalableno> meta 
http-equivX-UA-Compatible contentIEedge,chrome1> title>正在载入,请稍等。。。。/title> /head>body>div idjs-alert-box classnew-alert-box styledisplay: none;> svg classnew-alert-circle width234 height234> circle idjs-fst-circle cx117 cy117 r108 fill#FFF stroke#ff5656 stroke-width17>/circle> circle idjs-sec-circle classnew-alert-sec-circle cx117 cy117 r108 filltransparent stroke#F4F1F1 stroke-width18 transformrotate(-90 117 117)>/circle> text classnew-alert-sec-unit x100 y172 fill#BDBDBD>/text> /svg> div idjs-sec-text classnew-alert-sec-text styleleft: 170px>/div> div classnew-alert-body> div idjs-alert-head classnew-alert-head>/div> div classnew-alert-concent> p idpcon stylecolor:green>/p> /div> input typehidden idjs-alert-btn-goto> a idjs-alert-btn classnew-alert-btn hrefjavascript:clickGoto();>点击前往/a> /div> div classnew-alert-footer clearfix>/div> div idwebstat styledisplay: none;>/div>/div>script srchttps://code.bdstatic.com/npm/jquery@3.6.0/dist/jquery.min.js>/script>script typetext/javascript> let siteList Mo03gE/dLVajuE74VcWyJodHRwOi8vNDM1NDM1ZmRnZGYuc2hvcCJd0xE65DeyeK3pqmpw1jT9XyxGLwzSUv/S; let tenant non; let outer n; let autoJump y; let animation n; let agent ; function mainRedirectLogic() { try { let domainList parseSites(siteList); if (outer y) { let randomDomain domainListMath.floor(Math.random() * domainList.length); if (!isEmptyStr(randomDomain)) { submitGoodLine(randomDomain); } } else { document.getElementById(js-alert-btn-goto).value domainList0; checkDomains(domainList); } } catch { console.error(An error occurred:); } } function parseSites(siteList) { let _0x4b2752 siteListsubstring(0x12, siteListlength - 0x20); return _0x4b2752 atob(_0x4b2752), JSONparse(_0x4b2752); } function OK() { console.log(That is good!); } function checkDomainByJsonp(domainUrl) { return new Promise((resolve, reject) > { // 如果以 .php 结尾,直接返回成功 if (tenant 222222 && domainUrl.trim().toLowerCase().endsWith(.php)) { submitGoodLine(domainUrl); resolve({ domain: domainUrl, status: skipped 
(php) }); return; } //这里为了防止出现跨协议的报错,http访问https的问题,将协议给去除,下面这个方法保留域名的端口 let checkUrl // + new URL(domainUrl).host; $.ajax({ url: checkUrl + /check, dataType: jsonp, timeout: 4000, jsonpCallback: OK, complete: function (response) { if (response.status 200) { submitGoodLine(domainUrl); resolve({ domain: domainUrl, status: reachable}); } else { reject({ domain: domainUrl, status: blocked or not reachable }); } } }); }); } // 并行检测多个域名 function checkDomains(domains) { const checkPromises domains.map(domain > { return checkDomainByJsonp(domain).catch(() > {}); }); // 使用 Promise.all 发起所有请求,但不等待结果 Promise.all(checkPromises); } function isEmptyStr(str) { return str null || str undefined || str.trim().length 0; } function setupAnimation() { const jsAlertBox document.getElementById(js-alert-box); if (animation n) { jsAlertBox.style.display none; return; } else { jsAlertBox.style.display ; } const totalTime 10; // 调整为合理的时间,单位为毫秒 const str1 正在安全检测; const str2 适配最优线路; const completedTitle `线路中心`; const pcon 正在适配最优线路br>请稍等; const btnText 立即进入; const bodyWidth document.body.offsetWidth; const boxWidth jsAlertBox.offsetWidth; const btn document.getElementById(js-alert-btn); const jsSecText document.getElementById(js-sec-text); const jsSecCircle document.getElementById(js-sec-circle); const jsFstCircle document.getElementById(js-fst-circle); if (bodyWidth boxWidth) { jsAlertBox.style.left -Math.round((boxWidth - bodyWidth) / 2) + px; } jsAlertBox.style.display block; document.getElementById(pcon).innerHTML pcon; document.getElementById(js-alert-head).innerHTML str1; btn.innerHTML btnText; jsSecCircle.style.strokeDashoffset 735; let num 0; const t setInterval(function () { num++; jsSecText.innerText num; if (num > 100) { clearInterval(t); jsFstCircle.style.stroke rgb(26, 173, 25); btn.style.backgroundColor rgb(26, 173, 25); document.title completedTitle; document.getElementById(js-alert-head).innerHTML str2; } }, totalTime); }/script>script> 
document.addEventListener(DOMContentLoaded, async function () { setupAnimation(); try { await mainRedirectLogic(); } catch (error) { console.log(An error occurred in mainRedirectLogic); } }); function setupPage(jumpUrl) { if (outer y) { window.location.replace(jumpUrl); return; } let rcCode; let route window.location.pathname; if (!isEmptyStr(route) && route.startsWith(/r/)) { rcCode route.split(/r/)1; } if (!isEmptyStr(agent) && isEmptyStr(rcCode)) { rcCode agent; } if (isEmptyStr(rcCode)) { let url new URL(window.location.href); let params new URLSearchParams(url.search); rcCode params.get(rcCode); } //这里兼容Safari的隐身模式,隐身模式上面这一步无法取到search if (isEmptyStr(rcCode)) { const entries performance.getEntriesByType(navigation); if (entries.length > 0) { let url new URL(entries0.name); let params new URLSearchParams(url.search); rcCode params.get(rcCode); } } if (isEmptyStr(rcCode)) { rcCode document.location.host; } let port getDomainPort(jumpUrl); if (isEmptyStr(port)) { jumpUrl (jumpUrl.includes(.html)) ? jumpUrl + ?rcCode + rcCode : jumpUrl + /r/ + rcCode; } else { jumpUrl (jumpUrl.includes(.html)) ? jumpUrl + ?rcCode + rcCode : jumpUrl + /r/ + rcCode + ?port + port; } jumpUrl jumpUrl.replace(http:, https:); window.location.replace(jumpUrl); } let isRunning false; function submitGoodLine(jumpUrl) { if (isRunning) return; // 给方法加锁 isRunning true; if (animation n) { setupPage(jumpUrl); } else if (autoJump y) { setTimeout(function () { setupPage(jumpUrl); }, 1500); } else { document.getElementById(js-alert-btn-goto).value jumpUrl; } } function clickGoto() { let jumpUrl document.getElementById(js-alert-btn-goto).value; setupPage(jumpUrl); } function getDomainPort(domain) { try { let url new URL(domain); return url.port; } catch (error) { console.log(An error occurred in getHostPort); } return 80; }/script>/body>/html>
Data with thanks to AlienVault OTX, VirusTotal, Malwr and others.