Locky Distribution Site :: baoan99.com

Host Information

Locky Distribution Site: baoan99.com
Threat: Distribution Site
Malware: Locky
URL: http://baoan99.com/jllkv
Host Status: offline
Blacklist check: Spamhaus DBL: Not Listed; SURBL: Not Listed
Domain Registrar: SHANGHAI YOVOLE NETWORKS INC.
Nameserver(s): v1s1.xundns.com, v1s2.xundns.com
Firstseen (UTC): 2016-11-01 13:15:12
Lastseen (UTC): never

Associated IP addresses

The table below shows all IP addresses (e.g. A records) associated with this Locky Distribution Site. If the host is a domain name, the table also shows the history of previous A records, if there are any.

Columns: Active (yes = active A record, i.e. the domain name's A record currently points to the IP address; no = historical record, e.g. because the A record has been moved to a different IP address), Firstseen (UTC), Lastseen (UTC), IP address, Hostname, SBL, AS number, AS name, Country

# IPs found: 25 (max. 25)

Dropped files

Latest 100 files (malware samples) dropped by this distribution site.

Firstseen (UTC): 2016-11-01 14:08:37
MD5 hash: caf5c42438432610148519777671e7e2
Filesize: 120'320 bytes
VT: Virustotal results 8/55 (14.55%)
Signature: n/a

Unique dropped files: 1