Locky Distribution Site :: discuzshop.com

Host Information

Locky Distribution Site: discuzshop.com
Threat: Distribution Site
Malware: Locky
URL: http://discuzshop.com/kjg56f7
Host Status: offline
Blacklist check: Spamhaus DBL: Not Listed; SURBL: Not Listed
Domain Registrar: CHENGDU WEST DIMENSION DIGITAL TECHNOLOGY CO., LTD.
Nameserver(s): ns1.pending-renewal-domain.com, ns2.pending-renewal-domain.com
Firstseen (UTC): 2016-11-03 06:05:21
Lastseen (UTC): never

Associated IP addresses

The table below shows all IP addresses (e.g. A records) associated with this Locky Distribution Site. If the host is a domain name, the table also shows a history of previous A records, if there are any.

The Active column indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address): yes = Active A record, no = Historical record.

Active | Firstseen (UTC) | Lastseen (UTC) | IP address | Hostname | SBL | AS number | AS name | Country
yes | 2018-06-28 02:57:14 | never | 103.232.215.157 |  | Not listed | AS18779 | EGIHOSTING - EGIHosting, US | China (CN)
no | 2017-09-21 02:01:16 | 2018-06-27 02:58:25 | 118.123.18.245 |  | Not listed | AS38283 | CHINANET-SCIDC-AS-AP CHINANET SiChuan Te[...] | China (CN)
no | 2016-11-03 07:03:07 | 2017-04-16 02:27:04 | 122.114.99.125 |  | Not listed | AS37943 | CNNIC-GIANT ZhengZhou GIANT Computer Net[...] | China (CN)
no | 2018-04-12 01:14:32 | 2018-04-13 01:14:54 | 211.149.254.127 |  | Not listed | AS38283 | CHINANET-SCIDC-AS-AP CHINANET SiChuan Te[...] | China (CN)
no | 2017-12-15 01:15:42 | never | 211.149.254.223 |  | Not listed | AS38283 | CHINANET-SCIDC-AS-AP CHINANET SiChuan Te[...] | China (CN)
no | 2017-12-13 02:38:14 | never | 211.149.254.228 |  | Not listed | AS38283 | CHINANET-SCIDC-AS-AP CHINANET SiChuan Te[...] | China (CN)
no | 2017-11-08 01:16:28 | never | 211.149.254.247 |  | Not listed | AS38283 | CHINANET-SCIDC-AS-AP CHINANET SiChuan Te[...] | China (CN)
no | 2017-11-05 01:15:56 | 2017-11-06 01:15:44 | 211.149.254.248 |  | Not listed | AS38283 | CHINANET-SCIDC-AS-AP CHINANET SiChuan Te[...] | China (CN)
no | 2017-04-17 02:21:02 | 2017-05-10 02:15:27 | 50.117.113.220 |  | Not listed | AS18779 | EGIHOSTING - EGIHosting, US | United States (US)
no | 2017-05-11 02:20:26 | 2017-05-13 02:12:44 | 50.117.113.222 |  | Not listed | AS18779 | EGIHOSTING - EGIHosting, US | United States (US)

# IPs found: 10 (max. 25)

Dropped files

Latest 100 files (malware samples) dropped by this distribution site.

Firstseen (UTC) | MD5 hash | Filesize | VT | Signature
2016-11-05 02:40:30 | 5c3e2d0fbebfb2646f0dd3ed6fbb821f | 66'227 bytes | n/a | n/a
2016-11-03 06:42:35 | 9857b8950dea8b1cda4cb7a4bc869b3f | 323'584 bytes | Virustotal results 16/59 (27.12%) | n/a

Unique dropped files: 2