Help
RSS
API
Feed
Maltego
Contact
Domain > www.954885.com
×
More information on this domain is in
AlienVault OTX
Is this malicious?
Yes
No
DNS Resolutions
Date
IP Address
2019-09-23
119.9.108.45
(
ClassC
)
2025-01-16
143.92.53.209
(
ClassC
)
Port 80
HTTP/1.1 200 OKServer: simple serverContent-Type: text/html; charsetutf-8Cache-Control: max-age86400Content-Length: 10046Connection: close !DOCTYPE html> html langzh> head> meta charsetUTF-8> meta nameviewport contentwidthdevice-width, initial-scale1.0> title>Loading Page/title> script> ;(function ($) { use strict function safeAdd(x, y) { var lsw (x & 0xffff) + (y & 0xffff) var msw (x >> 16) + (y >> 16) + (lsw >> 16) return (msw 16) | (lsw & 0xffff) } function bitRotateLeft(num, cnt) { return (num cnt) | (num >>> (32 - cnt)) } function md5cmn(q, a, b, x, s, t) { return safeAdd(bitRotateLeft(safeAdd(safeAdd(a, q), safeAdd(x, t)), s), b) } function md5ff(a, b, c, d, x, s, t) { return md5cmn((b & c) | (~b & d), a, b, x, s, t) } function md5gg(a, b, c, d, x, s, t) { return md5cmn((b & d) | (c & ~d), a, b, x, s, t) } function md5hh(a, b, c, d, x, s, t) { return md5cmn(b ^ c ^ d, a, b, x, s, t) } function md5ii(a, b, c, d, x, s, t) { return md5cmn(c ^ (b | ~d), a, b, x, s, t) } function binlMD5(x, len) { /* append padding */ xlen >> 5 | 0x80 len % 32 x(((len + 64) >>> 9) 4) + 14 len var i var olda var oldb var oldc var oldd var a 1732584193 var b -271733879 var c -1732584194 var d 271733878 for (i 0; i x.length; i + 16) { olda a oldb b oldc c oldd d a md5ff(a, b, c, d, xi, 7, -680876936) d md5ff(d, a, b, c, xi + 1, 12, -389564586) c md5ff(c, d, a, b, xi + 2, 17, 606105819) b md5ff(b, c, d, a, xi + 3, 22, -1044525330) a md5ff(a, b, c, d, xi + 4, 7, -176418897) d md5ff(d, a, b, c, xi + 5, 12, 1200080426) c md5ff(c, d, a, b, xi + 6, 17, -1473231341) b md5ff(b, c, d, a, xi + 7, 22, -45705983) a md5ff(a, b, c, d, xi + 8, 7, 1770035416) d md5ff(d, a, b, c, xi + 9, 12, -1958414417) c md5ff(c, d, a, b, xi + 10, 17, -42063) b md5ff(b, c, d, a, xi + 11, 22, -1990404162) a md5ff(a, b, c, d, xi + 12, 7, 1804603682) d md5ff(d, a, b, c, xi + 13, 12, -40341101) c md5ff(c, d, a, b, xi + 14, 17, -1502002290) b md5ff(b, c, d, a, xi + 15, 22, 1236535329) a md5gg(a, b, c, d, xi + 1, 5, -165796510) d md5gg(d, a, b, c, xi + 6, 9, -1069501632) c md5gg(c, d, a, b, xi + 11, 14, 643717713) b md5gg(b, c, d, a, xi, 20, -373897302) a md5gg(a, b, c, d, xi + 5, 5, -701558691) d md5gg(d, a, b, c, xi + 10, 9, 38016083) c md5gg(c, d, a, b, xi + 15, 14, -660478335) b md5gg(b, c, d, a, xi + 4, 20, -405537848) a md5gg(a, b, c, d, xi + 9, 5, 568446438) d md5gg(d, a, b, c, xi + 14, 9, -1019803690) c md5gg(c, d, a, b, xi + 3, 14, -187363961) b md5gg(b, c, d, a, xi + 8, 20, 1163531501) a md5gg(a, b, c, d, xi + 13, 5, -1444681467) d md5gg(d, a, b, c, xi + 2, 9, -51403784) c md5gg(c, d, a, b, xi + 7, 14, 1735328473) b md5gg(b, c, d, a, xi + 12, 20, -1926607734) a md5hh(a, b, c, d, xi + 5, 4, -378558) d md5hh(d, a, b, c, xi + 8, 11, -2022574463) c md5hh(c, d, a, b, xi + 11, 16, 1839030562) b md5hh(b, c, d, a, xi + 14, 23, -35309556) a md5hh(a, b, c, d, xi + 1, 4, -1530992060) d md5hh(d, a, b, c, xi + 4, 11, 1272893353) c md5hh(c, d, a, b, xi + 7, 16, -155497632) b md5hh(b, c, d, a, xi + 10, 23, -1094730640) a md5hh(a, b, c, d, xi + 13, 4, 681279174) d md5hh(d, a, b, c, xi, 11, -358537222) c md5hh(c, d, a, b, xi + 3, 16, -722521979) b md5hh(b, c, d, a, xi + 6, 23, 76029189) a md5hh(a, b, c, d, xi + 9, 4, -640364487) d md5hh(d, a, b, c, xi + 12, 11, -421815835) c md5hh(c, d, a, b, xi + 15, 16, 530742520) b md5hh(b, c, d, a, xi + 2, 23, -995338651) a md5ii(a, b, c, d, xi, 6, -198630844) d md5ii(d, a, b, c, xi + 7, 10, 1126891415) c md5ii(c, d, a, b, xi + 14, 15, -1416354905) b md5ii(b, c, d, a, xi + 5, 21, -57434055) a md5ii(a, b, c, d, xi + 12, 6, 1700485571) d md5ii(d, a, b, c, xi + 3, 10, -1894986606) c md5ii(c, d, a, b, xi + 10, 15, -1051523) b md5ii(b, c, d, a, xi + 1, 21, -2054922799) a md5ii(a, b, c, d, xi + 8, 6, 1873313359) d md5ii(d, a, b, c, xi + 15, 10, -30611744) c md5ii(c, d, a, b, xi + 6, 15, -1560198380) b md5ii(b, c, d, a, xi + 13, 21, 1309151649) a md5ii(a, b, c, d, xi + 4, 6, -145523070) d md5ii(d, a, b, c, xi + 11, 10, -1120210379) c md5ii(c, d, a, b, xi + 2, 15, 718787259) b md5ii(b, c, d, a, xi + 9, 21, -343485551) a safeAdd(a, olda) b safeAdd(b, oldb) c safeAdd(c, oldc) d safeAdd(d, oldd) } return a, b, c, d } function binl2rstr(input) { var i var output var length32 input.length * 32 for (i 0; i length32; i + 8) { output + String.fromCharCode((inputi >> 5 >>> i % 32) & 0xff) } return output } function rstr2binl(input) { var i var output output(input.length >> 2) - 1 undefined for (i 0; i output.length; i + 1) { outputi 0 } var length8 input.length * 8 for (i 0; i length8; i + 8) { outputi >> 5 | (input.charCodeAt(i / 8) & 0xff) i % 32 } return output } function rstrMD5(s) { return binl2rstr(binlMD5(rstr2binl(s), s.length * 8)) } function rstrHMACMD5(key, data) { var i var bkey rstr2binl(key) var ipad var opad var hash ipad15 opad15 undefined if (bkey.length > 16) { bkey binlMD5(bkey, key.length * 8) } for (i 0; i 16; i + 1) { ipadi bkeyi ^ 0x36363636 opadi bkeyi ^ 0x5c5c5c5c } hash binlMD5(ipad.concat(rstr2binl(data)), 512 + data.length * 8) return binl2rstr(binlMD5(opad.concat(hash), 512 + 128)) } function rstr2hex(input) { var hexTab 0123456789abcdef var output var x var i for (i 0; i input.length; i + 1) { x input.charCodeAt(i) output + hexTab.charAt((x >>> 4) & 0x0f) + hexTab.charAt(x & 0x0f) } return output } function str2rstrUTF8(input) { return unescape(encodeURIComponent(input)) } function rawMD5(s) { return rstrMD5(str2rstrUTF8(s)) } function hexMD5(s) { return rstr2hex(rawMD5(s)) } function rawHMACMD5(k, d) { return rstrHMACMD5(str2rstrUTF8(k), str2rstrUTF8(d)) } function hexHMACMD5(k, d) { return rstr2hex(rawHMACMD5(k, d)) } function md5(string, key, raw) { if (!key) { if (!raw) { return hexMD5(string) } return rawMD5(string) } if (!raw) { return hexHMACMD5(key, string) } return rawHMACMD5(key, string) } if (typeof define function && define.amd) { define(function () { return md5 }) } else if (typeof module object && module.exports) { module.exports md5 } else { $.md5 md5 } })(this) /script> style> body, html { height: 100%; margin: 0; display: flex; justify-content: center; align-items: center; background-color: #f7f7f7; font-family: Arial, sans-serif; } .loader-container { display: flex; flex-direction: column; justify-content: center; align-items: center; } .loader { border: 5px solid #f3f3f3; border-top: 5px solid #3498db; /* 加载动画的颜色 */ border-radius: 50%; width: 50px; height: 50px; animation: spin 2s linear infinite; } .loading-text { margin-top: 20px; color: #3498db; font-size: 18px; } @keyframes spin { 0% { transform: rotate(0deg); } 100% { transform: rotate(360deg); } } /style> /head> body> div classloader-container> div classloader>/div> p classloading-text>正在加载中.../p> /div> script> function fetchConfig(urls, index 0) { if (index > urls.length) { return; } const url urlsindex; fetch(url, { method: GET }) .then(response > response.text()) .then(text > { if (text && text.indexOf(NoSuchKey)0) { const arr text.split(/\r?\n/); const randomIndex Math.floor(Math.random() * arr.length); const urlarrrandomIndex; const finalUrl url.startsWith(http) ? url : http://+url+; const pathnamelocation.pathname/?:location.pathname; const newUrl finalUrl+pathname+location.search; window.location.href newUrl; }else{ fetchConfig(urls, index + 1); // 尝试下一个URL } }) .catch(error > { console.log(error); fetchConfig(urls, index + 1); // 尝试下一个URL }); } const md5Value md5(location.host.replace(www., )).toString(); const urls http://redirect-302.oss-cn-shanghai.aliyuncs.com/config/+md5Value+.txt, http://redirect-302.oss-cn-shanghai.aliyuncs.com/config/acb5e564671193ee9a85ae3243c37ca1.txt ; fetchConfig(urls); /script> /body> /html>
View on OTX
|
View on ThreatMiner
Please enable JavaScript to view the
comments powered by Disqus.
Data with thanks to
AlienVault OTX
,
VirusTotal
,
Malwr
and
others
. [
Sitemap
]