Locky Distribution Site :: ditjenp2p.info

Host Information

Locky Distribution Site:ditjenp2p.info
Threat:Distribution Site
Malware:Locky
URL:http://ditjenp2p.info/g7cberv
Host Status:offline
Blacklist check:Spamhaus DBL:Not Listed
 SURBL:Not Listed
Domain Registar:CV. Rumahweb Indonesia
Nameserver(s):ns1.dynadot.com
 ns2.dynadot.com
Firstseen (UTC):2016-10-31 11:45:40
Lastseen (UTC):never

Associated IP addresses

The table below shows all ip addresses (e.g. A records) associated with this Locky Distribution Site. In case the host is a domain name, the table also shows a history of previous A records if there are any.

Active (?This row indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address).

yes = Active A record
no = Historical record
)
Firstseen (UTC)Lastseen (UTC)IP addressHostnameSBLAS numberAS nameCountry
yes2019-09-02 05:31:272019-09-17 05:32:4218.213.250.117ec2-18-213-250-117.compute-1.amazonaws.comNot listedAS14618AMAZON-AES - Amazon.com, Inc., US- United States (US)
yes2019-09-02 05:31:282019-09-17 05:32:4218.215.128.143ec2-18-215-128-143.compute-1.amazonaws.comNot listedAS14618AMAZON-AES - Amazon.com, Inc., US- United States (US)
yes2019-09-02 05:31:282019-09-17 05:32:4252.4.209.250ec2-52-4-209-250.compute-1.amazonaws.comNot listedAS14618AMAZON-02 - Amazon.com, Inc., US- United States (US)
no2018-04-23 01:41:082018-04-30 01:38:27103.224.182.250lb-182-250.above.comNot listedAS133618TRELLIAN-AS-AP Trellian Pty. Limited, AU- Australia (AU)
no2017-09-22 01:30:272018-07-09 05:43:39103.224.212.222lb-212-222.above.comNot listedAS133618TRELLIAN-AS-AP Trellian Pty. Limited, AU- Australia (AU)
no2017-03-12 01:19:032017-04-20 01:20:25103.247.10.50expired.rumahweb.comNot listedAS58487RUMAHWEB-AS-ID Rumahweb Indonesia CV., I[...]- Indonesia (ID)
no2016-10-31 12:51:372017-03-11 01:20:10103.254.155.236sg6-2.rumahweb.comNot listedAS59253LSW-SG Leaseweb Asia Pacific pte. ltd., [...]- Singapore (SG)
no2018-09-15 05:42:392019-09-01 05:29:00104.27.130.11Not listedAS13335CLOUDFLARENET - Cloudflare, Inc., US- United States (US)
no2018-09-15 05:42:382019-09-01 05:29:00104.27.131.11Not listedAS13335CLOUDFLARENET - Cloudflare, Inc., US- United States (US)
no2017-09-21 01:26:072018-06-17 01:38:17192.184.12.62Not listedAS32421BLCC - Black Lotus Communications, US- United States (US)
no2018-05-30 01:39:242018-06-09 01:39:03208.91.197.46Not listedAS40034CONFLUENCE-NETWORK-INC - Confluence Netw[...]- Virgin Islands, British (VG)
no2018-09-01 05:42:272018-09-14 05:43:4852.0.217.44ec2-52-0-217-44.compute-1.amazonaws.comNot listedAS14618AMAZON-AES - Amazon.com, Inc., US- United States (US)
no2017-10-05 04:41:242018-06-18 01:40:1070.32.1.32ip-70.32.1.32.hosted.by.gigenet.comNot listedAS32181ASN-GIGENET - GigeNET, US- United States (US)

# IPs found: 13 (max. 25)

Dropped files

Latest 100 files (malware samples) dropped by this distribution site.

Firstseen (UTC)MD5 hashFilesizeVTSignature
2016-10-31 11:18:449c9699e435a7703122a2665fea2494b2262'144 bytesVirustotal results 0/54 (0.00%) n/a

Unique dropped files: 1