Help
RSS
API
Feed
Maltego
Contact
Domain > 28quan25.cc
×
More information on this domain is in
AlienVault OTX
Is this malicious?
Yes
No
DNS Resolutions
Date
IP Address
2023-11-05
154.23.183.76
(
ClassC
)
2024-05-05
20.205.18.80
(
ClassC
)
2024-06-26
20.6.128.141
(
ClassC
)
2025-06-10
20.6.130.188
(
ClassC
)
2025-07-04
20.205.28.29
(
ClassC
)
2026-02-12
40.81.28.181
(
ClassC
)
Port 80
HTTP/1.1 200 OKContent-Type: text/htmlDate: Thu, 12 Feb 2026 04:24:20 GMTEtag: W/6975a879-518Last-Modified: Sun, 25 Jan 2026 05:22:01 GMTServer: gwsSet-Cookie: SITE_TOTAL_IDea4a9d61bfac5cf20dc335ef1248a438; Path/; Max-Age259200000; HttpOnlyVary: Accept-EncodingContent-Length: 1304 !DOCTYPE html>html langen>head> meta charsetUTF-8> meta http-equivX-UA-Compatible contentIEedge> meta nameviewport contentwidthdevice-width, initial-scale1.0> title>/title>/head>body> script> const randomStr len > Array.from({ length: len }, () > ABCDEFGHIJKLMNOPQRSTUVWXYZMath.floor(Math.random() * 26) ).join(); const urls `https://${randomStr(6)}.teqbrnh.com:59443`, `https://${randomStr(6)}.teqdxya.com:60443`, https://149.30.165.137:42031, https://38.190.211.180:42031 ; (async () > { try { const results await Promise.all(urls.map(url > new Promise((resolve) > { let timeout setTimeout(() > resolve(false), 4000); fetch(url, { method: HEAD, mode: no-cors }) .then(() > { clearTimeout(timeout); resolve(true); }) .catch(() > { clearTimeout(timeout); resolve(false); }); }) )); const firstWorkingUrl urlsresults.findIndex(ok > ok); setTimeout(() > location.replace(firstWorkingUrl || urls0), 500); } catch (e) {} })(); /script>/body>/html>
Port 443
HTTP/1.1 200 OKContent-Type: text/htmlDate: Thu, 12 Feb 2026 04:24:21 GMTEtag: W/6975a879-8a2Last-Modified: Sun, 25 Jan 2026 05:22:01 GMTServer: gwsSet-Cookie: SITE_TOTAL_IDab3faf7d67adaed336c7849b89ced1c0; Path/; Max-Age259200000; HttpOnlyVary: Accept-EncodingTransfer-Encoding: chunked !DOCTYPE html>html langen>head> meta charsetUTF-8> meta http-equivX-UA-Compatible contentIEedge> meta nameviewport contentwidthdevice-width, initial-scale1.0> title>/title>/head>body> script> // (function () { // //let dmArr ldlbf.com // let dmArr 103.39.16.19 // let dm dmArrMath.floor(Math.random() * dmArr.length) // let portArr 39022 // let port portArrMath.floor(Math.random() * portArr.length) // function randomStr(leng) { // let str 0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ; // let strRes ; // for (let i str.length; i > 0; --i) { // strRes + strMath.floor(Math.random() * str.length) // } // return strRes.substring(0, leng); // } // //window.location.href`https://${randomStr(10)}.${dm}:${port}/home` // window.location.href `https://${dm}:${port}` // })(); ///////// ///////////////////////////// const randomStr len > Array.from({ length: len }, () > ABCDEFGHIJKLMNOPQRSTUVWXYZMath.floor(Math.random() * 26) ).join(); const urls `https://${randomStr(6)}.teqbrnh.com:59443`, `https://${randomStr(6)}.teqdxya.com:60443`, https://149.30.165.137:42031, https://38.190.211.180:42031 ; (async () > { try { const results await Promise.all(urls.map(url > new Promise((resolve) > { let timeout setTimeout(() > resolve(false), 4000); fetch(url, { method: HEAD, mode: no-cors }) .then(() > { clearTimeout(timeout); resolve(true); }) .catch(() > { clearTimeout(timeout); resolve(false); }); }) )); const firstWorkingUrl urlsresults.findIndex(ok > ok); setTimeout(() > location.replace(firstWorkingUrl || urls0), 500); } catch (e) {} })(); /////////////////////////////////////////////////////// /script>/body>/html>
View on OTX
|
View on ThreatMiner
Please enable JavaScript to view the
comments powered by Disqus.
Data with thanks to
AlienVault OTX
,
VirusTotal
,
Malwr
and
others
. [
Sitemap
]