Locky Distribution Site :: bestsourcecode.com
Host Information
| Locky Distribution Site: | bestsourcecode.com | |
|---|---|---|
| Threat: | Distribution Site | |
| Malware: | Locky | |
| Host Status: | ||
| Blacklist check: | Spamhaus DBL: | |
| SURBL: | ||
| Domain Registar: | PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM | |
| Nameserver(s): | dns10.parkpage.foundationapi.com | |
| dns11.parkpage.foundationapi.com | ||
| Firstseen (UTC): | 2016-10-07 05:20:14 | |
| Lastseen (UTC): | never | |
Ransomware URLs
The table below shows all associated Ransomware URLs located on this host.
| Firstseen (UTC) | URL (?URL assocaited with this Ransomware. The leading dots (Red, Green, Grey) indicate whether the URL is active or not. Red = Online Green = Offline Grey = Unknown) | Threat | Malware |
|---|---|---|---|
| 2016-11-04 14:26:59 | http://bestsourcecode.com/z1ljm | ||
| 2016-10-07 05:20:14 | http://bestsourcecode.com/fm9wn7 |
# of URLs: 2
Associated IP addresses
The table below shows all ip addresses (e.g. A records) associated with this Locky Distribution Site. In case the host is a domain name, the table also shows a history of previous A records if there are any.
| Active (?This row indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address). yes = Active A record no = Historical record) | Firstseen (UTC) | Lastseen (UTC) | IP address | Hostname | SBL | AS number | AS name | Country |
|---|---|---|---|---|---|---|---|---|
| yes | 2018-06-06 01:37:46 | 2018-07-10 06:08:18 | 209.99.40.223 | 209-99-40-223.fwd.datafoundry.com | Not listed | AS3900 | TEXASNET-ASN - YHC Corporation, US |  United States (US) |
| no | 2017-06-08 01:14:00 | 2018-07-09 06:07:15 | 209.99.40.222 | 209-99-40-222.fwd.datafoundry.com | Not listed | AS3900 | TEXASNET-ASN - YHC Corporation, US | United States (US) |
| no | 2016-10-07 12:52:57 | 2017-08-12 01:10:56 | 50.87.248.224 | box1224.bluehost.com | Not listed | AS46606 | UNIFIEDLAYER-AS-1 - Unified Layer, US | United States (US) |
| no | 2017-08-13 01:10:17 | 2018-06-04 01:35:39 | 74.220.199.6 | parking.bluehost.com | Not listed | AS46606 | UNIFIEDLAYER-AS-1 - Unified Layer, US | United States (US) |
# IPs found: 4 (max. 25)
Dropped files
Latest 100 files (malware samples) dropped by this distribution site.
| Firstseen (UTC) | MD5 hash | Filesize | VT | Signature |
|---|---|---|---|---|
| 2016-11-04 14:36:51 | c13e6eaf4b9a9ef5ae554e16c98d135c | 186'880 bytes |  22/57 (38.60%)
| n/a |
| 2016-10-07 12:52:50 | 2ce9b571e6bc2f84658c1ca7c767f1d2 | 184'836 bytes | 2/54 (3.70%)
| n/a |
Unique dropped files: 2