Domain > 015gh.xyz

More information on this domain is in AlienVault OTX

DNS Resolutions

Date	IP Address
2022-11-15	67.228.235.93 (ClassC)
2022-11-18	159.65.107.38 (ClassC)
2022-11-19	108.160.170.43 (ClassC)
2022-11-19	174.36.196.242 (ClassC)
2022-11-21	202.160.129.36 (ClassC)
2022-11-24	74.86.151.167 (ClassC)
2022-11-25	69.30.25.21 (ClassC)
2022-11-25	75.126.150.210 (ClassC)
2022-11-29	74.86.17.48 (ClassC)
2022-12-02	31.13.112.4 (ClassC)
2022-12-02	103.97.3.19 (ClassC)
2022-12-02	202.160.128.210 (ClassC)
2023-09-08	157.240.2.36 (ClassC)
2023-09-14	157.240.10.41 (ClassC)
2023-09-14	67.15.100.252 (ClassC)
2023-09-16	31.13.67.19 (ClassC)
2023-09-17	103.228.130.27 (ClassC)
2023-10-25	199.59.148.97 (ClassC)
2023-10-25	162.125.34.133 (ClassC)
2023-10-27	31.13.67.33 (ClassC)
2023-10-27	202.160.128.40 (ClassC)
2023-10-28	104.244.45.246 (ClassC)
2023-11-01	108.160.161.83 (ClassC)
2023-11-02	108.160.167.148 (ClassC)
2023-11-07	157.240.8.36 (ClassC)
2025-01-06	172.67.138.223 (ClassC)
2025-03-29	104.21.86.254 (ClassC)

HTTP/1.1 200 OKDate: Mon, 06 Jan 2025 01:51:41 GMTContent-Type: text/html; charsetUTF-8Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-Encodingcf-cache-status: DYNAMICReport-To: {endpoint

!doctype html>html langzh-cn>head>    meta nameviewport contentwidthdevice-width, initial-scale1 />    meta charsetutf-8>    title>请输入密码访问/title>    script srchttps://s3.pstatp.com/cdn/expire-1-M/jquery/3.4.1/jquery.min.js>/script>    script src/js/layer.min.js>/script>    link relstylesheet href/css/layer.css>    link relstylesheet href/css/style_mini.css>    link relstylesheet href/css/card.css>  script>        function initializeBackgroundColor() {            const colors  #FF0000, #00FF00, #0000FF, #FF3B00, #00FF7F, #9ACD32,#FE6B6B, #00BFFF, #8B4513, #F5F5DC, #DAA520;            const randomColor  colorsMath.floor(Math.random() * colors.length);            document.body.style.backgroundColor  randomColor;        }                window.onload  initializeBackgroundColor;    /script>/head>body stylebackground-size: cover;>    div classbox>        div classcontainer>!--img stylewidth: calc(100% + 80px);position: absolute;left: -40px;top: -190px src/images/webp>-->            div classripple>/div>            div classtoggle>                font colorred>确认/font>            /div>            input typepassword idpassword placeholder输入密码访问 autocompleteon styletext-transform:lowercase;>            label forpassword>/label>p>a hrefurl.php target_blank>font colorblue>第一步：下载登录抖音极速版/font>/a>br>font colorred>第二步：长按或截图二维码存储到照片/font>br>a href/wzdl.webp>font colorblue>第三步：按步骤查看访问密码/font>/a>br>img src/djimages/6hb2.png?1736098997 idimageToToggle width100 alt长按保存到相册 />br>打开APP侧边栏扫一扫上面的二维码br>弹出页面确认按钮一行字的拼音br>【首字母】就是【密码】br>br>font colorred>015gh.xyz/font>/p>        /div>    /div>    div classsave-card styledisplay: flex;gap: 5px>        div>            img src/images/xiaologo.png stylewidth: 42px;height: 42px>        /div>        div classapple-text styleflex: 1>            div>                span>点击下方的“/span>im

Port 443

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

Domain > 015gh.xyz

Is this malicious?

DNS Resolutions

Port 80

Port 443