Locky Distribution Site :: xieyaqi1988.com

Host Information

Locky Distribution Site: xieyaqi1988.com
Threat: Distribution Site
Malware: Locky
URL: http://xieyaqi1988.com/n0wogrwkz
Host Status: offline
Blacklist check: Spamhaus DBL: Not Listed; SURBL: Not Listed
Domain Registrar: BIZCN.COM, INC.
Nameserver(s): ns1.dnsfang.com, ns2.dnsfang.com
Firstseen (UTC): 2016-12-08 13:08:14
Lastseen (UTC): never

Associated IP addresses

The table below shows all IP addresses (e.g. A records) associated with this Locky Distribution Site. If the host is a domain name, the table also shows a history of previous A records, if there are any.

The "Active" column indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address): yes = Active A record, no = Historical record.

| Active | Firstseen (UTC) | Lastseen (UTC) | IP address | Hostname | SBL | AS number | AS name | Country |
|---|---|---|---|---|---|---|---|---|
| yes | 2019-09-11 03:21:47 | 2019-10-24 03:26:18 | 45.39.106.141 | | Not listed | AS18779 | EGIHOSTING - EGIHosting, US | United States (US) |
| no | 2018-11-02 03:30:00 | 2018-11-04 03:30:12 | 50.63.202.95 | ip-50-63-202-95.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2016-12-08 17:02:54 | 2017-04-27 03:10:03 | 113.10.206.161 | | Not listed | AS17444 | NWT-AS-AP AS number for New World Teleph[...] | Hong Kong (HK) |
| no | 2018-10-17 03:36:07 | never | 50.63.202.93 | ip-50-63-202-93.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2018-11-06 03:31:16 | 2018-11-11 03:28:33 | 50.63.202.91 | ip-50-63-202-91.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2018-10-09 03:28:05 | never | 50.63.202.90 | ip-50-63-202-90.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2018-10-15 03:28:46 | 2018-10-21 03:30:03 | 50.63.202.86 | ip-50-63-202-86.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2018-10-13 03:27:48 | 2018-10-27 03:29:00 | 50.63.202.85 | ip-50-63-202-85.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2018-10-23 03:29:34 | 2018-10-26 03:29:32 | 50.63.202.71 | ip-50-63-202-71.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2018-10-14 03:29:12 | 2018-10-16 03:29:17 | 50.63.202.70 | ip-50-63-202-70.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2018-10-29 03:29:20 | 2018-10-31 03:28:57 | 50.63.202.69 | ip-50-63-202-69.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2018-10-12 03:29:34 | 2018-10-25 03:30:28 | 50.63.202.66 | ip-50-63-202-66.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2017-04-28 03:12:07 | 2017-05-12 01:48:59 | 192.169.81.126 | 126-81-169-192.static.reverse.lstn.net | Not listed | AS46475 | LIMESTONENETWORKS - Limestone Networks, [...] | United States (US) |
| no | 2018-09-30 03:31:38 | 2018-10-08 03:28:24 | 185.53.179.7 | | Not listed | AS61969 | TEAMINTERNET-AS, DE | Germany (DE) |
| no | 2018-10-19 03:30:40 | 2018-10-22 03:30:26 | 184.168.221.84 | ip-184-168-221-84.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2018-10-11 03:28:45 | 2018-10-24 03:31:53 | 184.168.221.83 | ip-184-168-221-83.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2018-11-12 03:29:52 | never | 184.168.221.79 | ip-184-168-221-79.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2018-10-10 03:29:03 | never | 184.168.221.77 | ip-184-168-221-77.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2018-10-20 03:29:45 | 2018-10-28 03:28:47 | 184.168.221.73 | ip-184-168-221-73.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2018-10-30 03:31:39 | 2018-11-13 03:29:12 | 184.168.221.67 | ip-184-168-221-67.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2017-10-03 01:02:00 | 2018-09-29 03:31:51 | 141.8.224.93 | | Not listed | AS40034 | CONFLUENCE-NETWORK-INC - Confluence Netw[...] | Switzerland (CH) |
| no | 2019-09-06 03:24:13 | 2019-09-10 03:22:15 | 127.0.0.1 | localhost | Not listed | AS9498 | BBIL-AP BHARTI Airtel Ltd., IN | n/a |

# IPs found: 22 (max. 25)

Dropped files

Latest 100 files (malware samples) dropped by this distribution site.

| Firstseen (UTC) | MD5 hash | Filesize | VT | Signature |
|---|---|---|---|---|
| 2016-12-08 17:02:53 | def337fdb76d63bff1fb9ae0436261d7 | 152'512 bytes | Virustotal results 2/55 (3.64%) | n/a |

Unique dropped files: 1