Locky Distribution Site :: ejiavip.com

Host Information

Locky Distribution Site:ejiavip.com
Threat:Distribution Site
Malware:Locky
URL:http://ejiavip.com/43ftybb8
Host Status:offline
Blacklist check:Spamhaus DBL:Not Listed
 SURBL:Not Listed
Domain Registar:SHANGHAI MEICHENG TECHNOLOGY INFORMATION DEVELOPMENT CO., LTD.
Firstseen (UTC):2016-11-03 05:56:15
Lastseen (UTC):never

Associated IP addresses

The table below shows all ip addresses (e.g. A records) associated with this Locky Distribution Site. In case the host is a domain name, the table also shows a history of previous A records if there are any.

Active (?This row indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address).

yes = Active A record
no = Historical record
)
Firstseen (UTC)Lastseen (UTC)IP addressHostnameSBLAS numberAS nameCountry
no2018-08-27 03:26:35never50.63.202.49ip-50-63-202-49.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-08-28 03:27:062019-08-30 03:15:3564.140.146.49Not listedAS46261QUICKPACKET - QuickPacket, LLC, US- United States (US)
no2018-06-19 03:22:442018-07-19 03:22:5759.188.232.88Not listedAS17444NWT-AS-AP AS number for New World Teleph[...]- Hong Kong (HK)
no2019-09-25 03:17:572019-09-26 03:15:2650.63.202.94ip-50-63-202-94.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-09-30 03:17:532019-10-04 03:26:1250.63.202.83ip-50-63-202-83.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-10-05 03:26:27never50.63.202.82ip-50-63-202-82.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-09-01 03:15:352019-10-03 03:18:0450.63.202.79ip-50-63-202-79.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-10-02 03:13:59never50.63.202.76ip-50-63-202-76.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-09-12 03:14:392019-10-06 03:26:0950.63.202.71ip-50-63-202-71.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-08-31 03:16:462019-09-07 03:14:3450.63.202.67ip-50-63-202-67.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-04-24 02:13:512017-05-13 02:18:09113.10.199.104Not listedAS17444NWT-AS-AP AS number for New World Teleph[...]- Hong Kong (HK)
no2019-09-03 03:15:36never184.168.221.82ip-184-168-221-82.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-09-06 03:13:422019-09-09 03:16:17184.168.221.81ip-184-168-221-81.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-09-02 03:16:012019-09-10 03:14:20184.168.221.76ip-184-168-221-76.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-09-15 03:13:312019-09-27 03:14:50184.168.221.66ip-184-168-221-66.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-09-13 03:17:352019-10-01 03:15:16184.168.221.65ip-184-168-221-65.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-08-26 03:27:09never184.168.221.49ip-184-168-221-49.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2016-11-03 07:19:522016-12-04 04:02:57122.114.98.185Not listedAS37943CNNIC-GIANT ZhengZhou GIANT Computer Net[...]- China (CN)
no2016-12-07 11:04:592017-04-23 02:18:07113.10.202.229Not listedAS17444NWT-AS-AP AS number for New World Teleph[...]- Hong Kong (HK)
no2017-09-06 01:00:242018-06-18 01:20:53113.10.199.40Not listedAS17444NWT-AS-AP AS number for New World Teleph[...]- Hong Kong (HK)

# IPs found: 20 (max. 25)

Dropped files

Latest 100 files (malware samples) dropped by this distribution site.

Firstseen (UTC)MD5 hashFilesizeVTSignature
2016-11-03 07:19:3679dd3cbe9b3d814f813afcd4203d10ec322'526 bytesn/an/a
2016-11-03 06:42:533b7e87f5f5e8824d46c6360e3bcba3ad323'584 bytesVirustotal results 6/57 (10.53%) n/a

Unique dropped files: 2