Locky Distribution Site :: cnesa.cn

Host Information

Locky Distribution Site: cnesa.cn
Threat: Distribution Site
Malware: Locky
URL: http://cnesa.cn/au6rql7
Host Status: offline
Blacklist check: Spamhaus DBL: Not Listed; SURBL: LISTED
Domain Registrar: 成都西维数码科技有限公司
Nameserver(s): ns1-domain-expired.myhostadmin.net, ns2-domain-expired.myhostadmin.net
Firstseen (UTC): 2016-11-03 06:11:34
Lastseen (UTC): never

Associated IP addresses

The table below shows all IP addresses (e.g. A records) associated with this Locky Distribution Site. If the host is a domain name, the table also shows a history of previous A records, if there are any.


# IPs found: 25 (max. 25)

Dropped files

Latest 100 files (malware samples) dropped by this distribution site.

Firstseen (UTC): 2016-11-03 06:56:44
MD5 hash: 9bc1d7eecec9b736d6b00c413bf346c7
Filesize: 119'296 bytes
VT: Virustotal results 19/57 (33.33%)
Signature: n/a

Unique dropped files: 1