Locky Distribution Site :: xixiaxianggua.com

Host Information

Locky Distribution Site: xixiaxianggua.com
Threat: Distribution Site
Malware: Locky
URL: http://xixiaxianggua.com/l9wz8
Host Status: offline
Blacklist check: Spamhaus DBL: Not Listed; SURBL: Not Listed
Domain Registrar: BIZCN.COM, INC.
Nameserver(s): ns1.dns.com, ns2.dns.com
Firstseen (UTC): 2016-10-07 09:14:40
Lastseen (UTC): never

Associated IP addresses

The table below shows all IP addresses (e.g. A records) associated with this Locky Distribution Site. If the host is a domain name, the table also shows the history of previous A records, if there are any.

The Active column indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address): yes = Active A record, no = Historical record.

Active | Firstseen (UTC) | Lastseen (UTC) | IP address | Hostname | SBL | AS number | AS name | Country
yes | 2019-01-03 05:54:21 | 2019-09-17 05:44:10 | 23.238.156.21 |  | Not listed | AS40676 | AS40676 - Psychz Networks, US | United States (US)
no | 2019-01-02 05:55:34 | never | 8.8.8.8 | google-public-dns-a.google.com | Not listed | AS15169 | GOOGLE - Google LLC, US | United States (US)
no | 2017-11-22 01:38:00 | 2018-04-18 01:40:12 | 107.164.180.249 |  | Not listed | AS18779 | EGIHOSTING - EGIHosting, US | United States (US)
no | 2018-09-24 06:00:16 | 2018-10-17 06:16:51 | 59.188.232.88 |  | Not listed | AS17444 | NWT-AS-AP AS number for New World Teleph[...] | Hong Kong (HK)
no | 2018-12-29 05:53:38 | never | 50.63.202.59 | ip-50-63-202-59.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US)
no | 2018-12-21 05:57:41 | 2018-12-28 05:58:06 | 50.63.202.46 | ip-50-63-202-46.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US)
no | 2018-12-31 05:55:20 | never | 50.63.202.35 | ip-50-63-202-35.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US)
no | 2017-11-02 01:41:24 | 2017-11-21 01:38:44 | 50.117.57.57 |  | Not listed | AS18779 | EGIHOSTING - EGIHosting, US | United States (US)
no | 2017-09-28 01:37:00 | 2017-09-29 01:33:48 | 47.89.57.59 |  | Not listed | AS45102 | CNNIC-ALIBABA-CN-NET-AP Alibaba (China) [...] | Hong Kong (HK)
no | 2017-09-30 01:37:05 | 2017-10-28 01:38:06 | 47.89.57.34 |  | Not listed | AS45102 | CNNIC-ALIBABA-CN-NET-AP Alibaba (China) [...] | Hong Kong (HK)
no | 2018-06-22 06:01:09 | 2018-09-23 05:59:09 | 192.151.250.217 | lucas.yjuq.cn | Not listed | AS40065 | POWERLINE-AS-AP POWER LINE (HK) CO., LIM[...] | China (CN)
no | 2018-12-20 05:53:50 | never | 184.168.221.61 | ip-184-168-221-61.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US)
no | 2018-12-26 05:55:43 | 2019-01-01 05:57:14 | 184.168.221.44 | ip-184-168-221-44.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US)
no | 2018-12-22 05:58:36 | 2018-12-27 05:54:50 | 184.168.221.36 | ip-184-168-221-36.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US)
no | 2018-12-24 05:56:47 | never | 184.168.221.32 | ip-184-168-221-32.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US)
no | 2018-04-19 01:40:54 | 2018-06-20 06:00:34 | 160.19.50.40 |  | Not listed | AS135386 | LTG-AS-AP LinkChina Telecom Global Limit[...] | China (CN)
no | 2016-10-07 12:39:22 | 2017-02-25 01:40:39 | 122.114.131.5 |  | Not listed | AS37943 | CNNIC-GIANT ZhengZhou GIANT Computer Net[...] | China (CN)
no | 2017-02-26 01:39:26 | 2017-05-13 01:39:50 | 122.114.130.183 |  | Not listed | AS37943 | CNNIC-GIANT ZhengZhou GIANT Computer Net[...] | China (CN)

# IPs found: 18 (max. 25)

Dropped files

Latest 100 files (malware samples) dropped by this distribution site.

Firstseen (UTC) | MD5 hash | Filesize | VT | Signature
2016-10-07 12:38:58 | 7de310edd4011b8293da422ec1e6afb7 | 185'348 bytes | Virustotal results 6/55 (10.91%) | n/a

Unique dropped files: 1