home

dl.sh5y.com

xiao jie

Domain Information

The domain dl.sh5y.com registered by xiao jie was initially registered in June of 2014 through ENAME TECHNOLOGY CO., LTD.. The hosted servers are located in Foshan, Guangdong within China which resides on the Asia Pacific Network Information Centre network.
Registrar:
ENAME TECHNOLOGY CO., LTD.

Server location:
Guangdong, China (CN)

Create date:
Friday, June 13, 2014

Expires date:
Tuesday, June 13, 2017

Updated date:
Thursday, January 8, 2015

ASN:
AS58543 CHINATELECOM-GUANGDONG-IDC Guangdong, CN

Root domain:
sh5y.com

Whois:
1 sh5y.com record

Google Safe Browsing:
unwanted

Scan engine
Details
Detections

K7 AntiVirus
Unwanted-Program
100.00%

Dr.Web
Program.Unwanted.432
100.00%

AVG
Generic
100.00%

The domain dl.sh5y.com has been seen to resolve to the following 3 IP addresses.

183.56.172.10
April 15, 2016

183.62.114.249
April 15, 2016

183.56.172.229
April 15, 2016

File downloads found at URLs served by dl.sh5y.com.

3 / 68      (inconclusive)
http://dl.sh5y.com/down.php?sid=493  (ad273c73c35c1e2e23eb507000939bd7)

The following 19 files have been seen to comunicate with dl.sh5y.com in live environments.

TCP » 183.56.172.10:80
life_assistant.crx

TCP » 183.56.172.10:80
leidian.crx

TCP » 183.56.172.10:80
music.crx

TCP » 183.56.172.10:80
novel.crx

TCP » 183.56.172.10:80
life_assistant.crx

TCP » 183.56.172.10:80
leidian.crx

TCP » 183.56.172.10:80
shipin.crx

TCP » 183.56.172.10:80
music.crx

TCP » 183.56.172.10:80
novel.crx

TCP » 183.56.172.10:80
leidian.crx

TCP » 183.56.172.10:80
ejmoceoaphoacojefmkhmfbgkidaefdl.crx

TCP » 183.56.172.10:80
live_assist.crx

TCP » 183.56.172.229:80
piao_5.2.0.32.crx

TCP » 183.56.172.229:80
piao.crx

TCP » 183.56.172.229:80
piao.crx

TCP » 183.56.172.229:80
fqb.crx

TCP » 183.56.172.229:80
fvddownloader_2.1.1.crx

TCP » 183.56.172.229:80
cortica_addon_3.2.0.88.crx

TCP » 183.62.114.249:80
mail_check_1.0.1.1029.crx

URL:
http://dl.sh5y.com/

Title:
“dl”

Web server:
nginx

7r7z.com

869v.com

duowan.com

it376.com

ke8u.com

miliao.com

miui.com

moyoi.com

winrar.com.cn

yeecall.com

yingyonghui.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.