Domain > down.shg20.com

More information on this domain is in AlienVault OTX

Is this malicious?

Files that talk to down.shg20.com

MD5	A/V
c79dfcd9b989f48ae7900d41a2164618	[PUP.Optional.ChinAd] [virus.win32.sality.at] [PUA_Xiazai] [Trojan.Win32.Winlock.edusxx] [Trojan.Winlock.13291] [PUA_Xiazai] [Artemis!PUP] [Trojan/Win32.PackedNsisMod.o] [Trojan.Application.Mikey.D882B] [BrowserModifier:Win32/Xiazai] [PUP/Win32.Installer.R185010] [Artemis!C79DFCD9B989] [Downloader.Xiazai] [PUA.Downloader!] [PUA.Softcnapp]
c91456fcbe1d38b69f6efcd02590feb4
35540d8a138653d37ef562416204221f

Whois

Property	Value
Email	singlelee@foxmail.com
NameServer	F1G1NS2.DNSPOD.NET
Created	2016-09-23 00:00:00
Changed	2016-09-27 00:00:00
Expires	2017-09-23 00:00:00
Registrar	ENAME TECHNOLOGY CO.

DNS Resolutions

Date	IP Address
2016-11-21	63.159.216.112 (ClassC)
2017-03-30	59.56.26.49 (ClassC)
2017-04-21	14.152.93.60 (ClassC)
2017-04-28	42.81.25.50 (ClassC)
2017-05-03	183.47.234.86 (ClassC)
2017-05-10	42.81.25.51 (ClassC)
2017-05-12	61.155.212.247 (ClassC)
2018-12-10	14.17.120.86 (ClassC)
2019-01-15	58.20.135.130 (ClassC)
2019-01-16	122.227.189.106 (ClassC)
2019-04-07	183.134.12.74 (ClassC)
2019-05-10	36.104.150.194 (ClassC)
2019-08-14	163.171.134.120 (ClassC)
2019-09-01	157.185.146.128 (ClassC)
2019-09-04	157.185.170.142 (ClassC)
2019-10-08	157.185.144.121 (ClassC)
2019-10-10	157.185.156.120 (ClassC)
2019-10-11	157.185.169.228 (ClassC)
2020-01-26	157.185.144.118 (ClassC)
2020-06-17	157.185.144.119 (ClassC)
2020-06-24	157.185.163.159 (ClassC)
2021-03-05	163.171.140.181 (ClassC)
2022-03-08	157.185.174.16 (ClassC)
2022-05-25	157.185.145.133 (ClassC)
2022-11-13	157.185.169.230 (ClassC)
2024-11-23	143.92.60.138 (ClassC)
2025-04-10	206.238.197.12 (ClassC)
2025-07-15	217.114.47.177 (ClassC)
2025-07-22	217.114.47.179 (ClassC)

Port 80

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]