某市公共资源交易网

目标网站首页：aHR0cDovL2dnenkuendmd2IudGouZ292LmNu/
分析页面：aHR0cDovL2dnenkuendmd2IudGouZ292LmNuL3h3engvaW5kZXhfMi5qaHRtbA==

点击前URL
http://ggzy.zwfwb.tj.gov.cn:80/zwyw/1030977.jhtml

点击后URL
http://ggzy.zwfwb.tj.gov.cn/zwyw/PtP89WBoZOoO3604DVnZHw.jhtml

加密分析
当鼠标点击标题时，标题会跳转到新的窗口并且URL会发生变化，所以我们可以找到对应标题的a对应的事件监听click

npm install crypto-js
const CryptoJS = require('crypto-js');

function getRealUrl(hh) {
    var s = "qnbyzzwmdgghmcnm";
    var aa = hh.split("/");
    var aaa = aa.length;
    var bbb = aa[aaa - 1].split('.');
    var ccc = bbb[0];
    var cccc = bbb[1];
    var r = /^\+?[1-9][0-9]*$/;
    if (r.test(ccc) && cccc.indexOf('jhtml') != -1) {
        var srcs = CryptoJS.enc.Utf8.parse(ccc);
        var k = CryptoJS.enc.Utf8.parse(s);
        var en = CryptoJS.AES.encrypt(srcs, k, {
            mode: CryptoJS.mode.ECB,
            padding: CryptoJS.pad.Pkcs7
        });
        var ddd = en.toString();
        ddd = ddd.replace(/\//g, "^");
        ddd = ddd.substring(0, ddd.length - 2);
        var bbbb = ddd + '.' + bbb[1];
        return bbbb;
    }
}

getRealUrl()

参考: https://blog.csdn.net/weixin_46672080/article/details/126003502?spm=1001.2014.3001.5502