Domain > 5u.com

More information on this domain is in AlienVault OTX

Files that talk to 5u.com

MD5	A/V
4480cb28f16b46ea6e1195890b724c29	[Win32.Leave.B@mm] [Worm.Leave.b.n3] [Artemis!4480CB28F16B] [Worm.Leave.Win32.11] [W32/Leave.b] [Trojan.Win32.Leave.frxv] [W32/Risk.YKLX-6623] [Leave.CW] [WORM_LEAVE.B] [Win32:Leave-E] [Worm.Win32.Leave.b] [Worm.Leave!0wE0nHgK1so] [Worm.Win32.Leave.70144] [Worm.Win32.Leave.B] [BehavesLike.Win32.Dropper.kc] [Mal/IRCBot-B] [W32/Malware!f8cd] [I-Worm/Leave.b] [Worm/Leave.B] [Worm/Win32.Leave] [Worm.Leave.b.(kcloud)] [Worm:Win32/Leave.B] [Worm.Leave.b] [Win32/Leave.B] [Win32.Worm.Leave.Pciq] [Worm.Win32.Leave] [W32/Leave!worm] [I-Worm/Leave] [Worm.Win32.Leave.aJIM]
7da326f4278c1b4fbea4aefdfec6f44e	[W32.Clodac6.Trojan.e58e] [Worm.Leave.e.n3] [W32/Leave.worm.b] [Worm.Leave.Win32.4] [W32/Leave.e] [Trojan.Win32.Leave.fwdw] [W32/Risk.CKRP-5602] [W32.Leave.worm] [Leave.N] [Win32/Leave.L] [WORM_LEAVE.M] [Worm.Leave.E] [Worm.Win32.Leave.e] [I-Worm.Leave.D] [Worm.Win32.Leave.184320] [W32/Leave-K] [Worm.Win32.Leave.E] [W32/Malware!ff6f] [I-Worm/Leave.e] [Worm/Leave.E] [Worm/Win32.Leave] [Worm.Leave.e.(kcloud)] [Worm:Win32/Leave.E] [Win32/Leave.worm.184320] [Worm.Leave] [Win32/Leave.E] [Win32.Worm.Leave.bvpb] [Worm.Win32.Leave] [W32/Leave.E@mm] [I-Worm/Leave] [Worm.Win32.Leave.Ao] [Win32/Trojan.a4e]
588932a81135e2bed9934bd6000a3c7a	[W32.Clod179.Trojan.9421] [Worm.Leave.i.n3] [Artemis!588932A81135] [W32/Leave.i] [Trojan.Win32.Leave.frxx] [W32/Risk.FRML-4868] [Leave.I] [WORM_LEAVE.I] [Worm.Win32.Leave.i] [Worm.Leave!TZT+lXkUTwM] [I-Worm.Win32.Leave.70144] [Mal/IRCBot-B] [Worm.Win32.Leave.I] [BehavesLike.Win32.Dropper.kc] [W32/Malware!213d] [I-Worm/Leave.i] [Worm/Leave.I] [Worm/Win32.Leave] [Worm.Leave.i.(kcloud)] [Worm:Win32/Leave.I] [Worm.Leave] [Worm.Win32.Leave.aFb] [Win32/Leave.I] [Win32.Worm.Leave.bhnt] [W32/Leave.I!worm] [Worm/Leave.A]
0482D1652C2A0E6C16CA3E2A53BE0783
9DC0F7E7AEC2BDA05D70FDFA2FC50BD0	[W32.Clodba7.Trojan.75bd] [Trojan/W32.Rootkit.308736] [Trojan/Antavmu.lfj] [W32/Heuristic-PCA!Eldorado] [Trojan.Turla] [BKDR_TURLA.YKV] [Trojan.Win32.Antavmu.lfj] [Trojan.Antavmu!9ZuQSGYjgF4] [UnclassifiedMalware] [BackDoor.Turla.2] [Troj/Turla-B] [Trojan/Win32.Antavmu] [Win32.Troj.Antavmu.l.(kcloud)] [Backdoor:Win32/Turla.C] [W32/Trojan.FOVZ-4467] [Trojan.Win32.Antavmu.anzw] [Trojan.Win32.Antavmu] [W32/Dx.VKL!tr] [SHeur3.BBZF] [Trj/CI.A]
FA4BDA12C94824AB451DA83BAE240C5D
938B92958DED4D50A357D22EDDF141AD

Whois

Property	Value
Name	United Online Web Services, Inc.
Organization	United Online Web Services, Inc.
Email	domains@noc.untd.com
Address	21301 Burbank Boulevard
Zip Code	91367-6677
City	Woodland Hills
State	CA
Country	US
Phone	+1.2063015700
Fax	+1.2063015795
NameServer	ns1.freeservers.com
Created	1998-10-18 06:00:00
Changed	2014-10-21 20:08:15
Expires	2015-10-17 00:00:00
Registrar	CSC CORPORATE DOMAIN

DNS Resolutions

Date	IP Address
2009-12-28	64.136.20.39 (ClassC)
2010-10-18	64.136.20.38 (ClassC)
2012-08-24	64.136.20.37 (ClassC)
2012-12-30	64.136.20.32 (ClassC)
2013-01-07	64.136.20.34 (ClassC)
2013-01-07	64.136.20.44 (ClassC)
2013-01-08	64.136.20.43 (ClassC)
2013-01-27	64.136.20.33 (ClassC)
2013-01-31	64.136.20.41 (ClassC)
2013-04-28	64.136.20.42 (ClassC)
2013-05-04	64.136.20.31 (ClassC)
2013-05-05	64.136.20.40 (ClassC)
2013-05-14	64.136.20.51 (ClassC)
2013-05-16	64.136.20.59 (ClassC)
2013-09-21	64.136.20.36 (ClassC)
2014-05-13	64.136.20.35 (ClassC)
2014-09-03	64.136.20.57 (ClassC)
2015-02-27	64.136.20.54 (ClassC)
2015-03-30	64.136.20.61 (ClassC)
2015-04-01	64.136.20.62 (ClassC)
2015-04-30	64.136.20.58 (ClassC)
2017-02-10	23.234.4.153 (ClassC)
2017-05-10	23.234.4.151 (ClassC)
2019-12-12	103.224.251.77 (ClassC)
2023-08-05	8.45.176.168 (ClassC)
2023-08-19	47.246.50.138 (ClassC)
2023-08-25	47.246.50.183 (ClassC)
2023-09-11	8.48.85.225 (ClassC)
2023-09-11	8.48.85.230 (ClassC)
2023-09-11	8.48.85.226 (ClassC)
2023-09-11	8.48.85.227 (ClassC)
2023-09-11	8.48.85.1 (ClassC)
2023-09-11	8.48.85.228 (ClassC)
2023-09-11	8.48.85.2 (ClassC)
2023-09-11	8.48.85.229 (ClassC)
2023-09-29	8.45.176.231 (ClassC)
2023-10-20	8.25.82.226 (ClassC)
2023-10-20	8.25.82.231 (ClassC)
2023-10-20	8.25.82.227 (ClassC)
2023-10-20	8.25.82.232 (ClassC)
2023-10-20	8.25.82.228 (ClassC)
2023-10-20	8.25.82.229 (ClassC)
2023-10-20	8.25.82.225 (ClassC)
2023-10-20	8.25.82.230 (ClassC)
2023-11-01	8.45.176.227 (ClassC)
2023-11-16	8.45.176.228 (ClassC)
2023-12-02	163.181.66.108 (ClassC)
2023-12-19	47.246.20.230 (ClassC)
2023-12-19	47.246.20.231 (ClassC)
2023-12-19	47.246.20.227 (ClassC)
2023-12-19	47.246.20.232 (ClassC)
2023-12-19	47.246.20.228 (ClassC)
2023-12-19	47.246.20.233 (ClassC)
2023-12-19	47.246.20.229 (ClassC)
2023-12-19	47.246.20.234 (ClassC)
2024-01-09	47.246.23.146 (ClassC)
2024-01-27	163.181.66.110 (ClassC)
2024-02-06	163.181.66.104 (ClassC)
2024-02-10	163.181.66.107 (ClassC)
2024-02-20	8.45.176.226 (ClassC)
2024-03-02	8.25.82.116 (ClassC)
2024-03-02	8.25.82.117 (ClassC)
2024-03-02	8.25.82.118 (ClassC)
2024-03-02	8.25.82.114 (ClassC)
2024-03-02	8.25.82.119 (ClassC)
2024-03-02	8.25.82.115 (ClassC)
2024-03-02	8.25.82.121 (ClassC)
2024-03-07	163.181.66.106 (ClassC)
2024-03-12	163.181.66.109 (ClassC)
2024-04-02	8.45.176.232 (ClassC)
2024-04-12	8.25.82.241 (ClassC)
2024-04-12	8.25.82.249 (ClassC)
2024-04-12	8.25.82.242 (ClassC)
2024-04-12	8.25.82.243 (ClassC)
2024-04-12	8.25.82.239 (ClassC)
2024-04-12	8.25.82.244 (ClassC)
2024-04-12	8.25.82.240 (ClassC)
2024-04-12	8.25.82.248 (ClassC)
2024-04-14	8.45.176.229 (ClassC)
2024-04-22	8.45.176.202 (ClassC)
2024-04-29	8.45.176.233 (ClassC)
2024-05-08	163.181.66.242 (ClassC)
2024-05-15	8.45.176.194 (ClassC)
2024-05-23	163.181.66.240 (ClassC)
2024-05-30	163.181.66.243 (ClassC)
2024-06-07	163.181.66.241 (ClassC)
2024-06-08	8.25.82.177 (ClassC)
2024-06-08	8.25.82.163 (ClassC)
2024-06-08	8.25.82.178 (ClassC)
2024-06-08	8.25.82.164 (ClassC)
2024-06-08	8.25.82.179 (ClassC)
2024-06-08	8.25.82.165 (ClassC)
2024-06-08	8.25.82.180 (ClassC)
2024-06-08	8.25.82.176 (ClassC)
2024-06-10	47.246.23.232 (ClassC)
2024-07-27	104.18.33.57 (ClassC)
2024-08-15	172.64.154.199 (ClassC)
2024-09-29	104.18.29.181 (ClassC)
2024-10-06	104.18.28.181 (ClassC)
2024-11-22	20.78.33.89 (ClassC)
2024-12-10	172.67.201.186 (ClassC)
2024-12-15	104.21.93.2 (ClassC)
2024-12-15	188.114.96.7 (ClassC)
2024-12-15	188.114.97.7 (ClassC)
2025-05-29	3.33.251.168 (ClassC)
2025-08-07	15.197.225.128 (ClassC)

HTTP/1.1 200 OKServer: TengineContent-Type: text/html; charsetutf-8Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingSet-Cookie: acw_tc082db09a16912451846431186e602407a34a6a84f4b56d

!DOCTYPE html> html data-versionSat Aug 05 2023 03:28:32 GMT+0000 (Coordinated Universal Time)> head> meta charsetUTF-8> title>/title> meta nameviewport contentwidthdevice-width,initial-scale1,user-scalableno> meta namemobile-web-app-capable contentyes> meta nameapple-mobile-web-app-capable contentyes> meta nameapple-mobile-web-app-status-bar-style contentblack> meta http-equivX-UA-Compatible contentieedge> meta http-equivContent-Security-Policy contentupgrade-insecure-requests> meta namegoogle contentnotranslate> link relicon hrefdata:image/ico;base64,aWNv> link relmanifest idpwa-manifest> script deferdefer>!function(){for(var eJSON.stringify({accessRestrictedBackgroundColor:rgba(255,255,255),accessRestrictedContent:p styletext-align: center;>span stylecolor: #060600;>strong>span stylefont-size: 32px;>访问受限/span>/strong>/span>/p>
 p styletext-align: center;>span stylecolor: #060600;>strong>span stylefont-size: 32px;>Access Restricted/span>/strong>/span>/p>
 p styletext-align: center;> /p>
 p styletext-align: center;> /p>
 p styleline-height: 1.6;>        span stylefont-size: 18px; color: #060600;>IP所在地区不在我们的服务范围，请更换其他国家IP，若给您带来的不便，敬请谅解。/span>/p>
 p styleline-height: 1.6;>span stylefont-size: 18px; color: #060600;>      Your IP address is out of our service range, please change to an IP of a different country. We sincerely apologize for the inconvenience caused/span>/p>
 p> /p>,accessRestrictedImagePath:https://4nd5q1-721-ppp.oss-accelerate.aliyuncs.com/cocos/lg/access-restricted-image.png,appIconBigPath:https://4nd5q1-721-ppp.oss-accelerate.aliyuncs.com/cocos/lg/appIconBig.png,appIconSkeletonPath:,appIconSmallPath:https://4nd5q1-721-ppp.oss-accelerate.aliyuncs.com/cocos/lg/appIconSmall.png,dec2NyaXB07df801d5-d8fa-47b1-bae2-fc04538ef8f4ion:K99bet,keyword:K99bet,languageCode:pt,loadingImg:https://4nd5q1-721-ppp.oss-accelerate.aliyuncs.com/cocos/lg/h5-load.png,ossName:4nd5q1-721-ppp

Subdomains

Date	Domain	IP
bethel54fire.5u.com	2024-10-20	104.21.93.2
7even.5u.com	2024-12-07	172.67.201.186
yahoo.5u.com	2024-11-19	104.21.93.2
budget-car.5u.com	2024-12-10	104.21.93.2
promoters.5u.com	2024-10-23	172.67.201.186
l33t.5u.com	2024-11-07	104.21.93.2
support4u.5u.com	2013-09-04	64.136.20.38
brasiltv.5u.com	2024-12-14	172.67.201.186

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

Domain > 5u.com

Is this malicious?

Files that talk to 5u.com

Whois

DNS Resolutions

Port 80

Port 443

Subdomains