Locky Distribution Site :: gto-cro.com

Host Information

Locky Distribution Site: gto-cro.com
Threat: Distribution Site
Malware: Locky
URL: http://gto-cro.com/zcvofb
Host Status: offline
Blacklist check: Spamhaus DBL: Not Listed; SURBL: Not Listed
Domain Registrar: PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM
Nameserver(s): alex.ns.cloudflare.com, miki.ns.cloudflare.com
Firstseen (UTC): 2016-11-22 12:32:41
Lastseen (UTC): never

Associated IP addresses

The table below shows all IP addresses (e.g. A records) associated with this Locky Distribution Site. If the host is a domain name, the table also shows the history of previous A records, if there are any.

Active: indicates whether the domain name's A record is currently pointing to an IP address (yes = active A record) or whether the record is historic, e.g. because the A record has been moved to a different IP address (no = historical record).

| Active | Firstseen (UTC) | Lastseen (UTC) | IP address | Hostname | SBL | AS number | AS name | Country |
|---|---|---|---|---|---|---|---|---|
| yes | 2016-12-14 12:21:40 | 2019-06-20 03:18:59 | 104.27.168.253 | | Not listed | AS13335 | CLOUDFLARENET - CloudFlare, Inc., US | United States (US) |
| yes | 2016-12-14 12:21:41 | 2019-06-20 03:18:59 | 104.27.169.253 | | Not listed | AS13335 | CLOUDFLARENET - CloudFlare, Inc., US | United States (US) |
| no | 2016-12-06 05:18:34 | 2016-12-14 08:47:33 | 213.8.146.28 | 2all.co.il | Not listed | AS9116 | GOLDENLINES-ASN 012 Smile Communications[...] | Israel (IL) |
| no | 2016-11-22 17:15:56 | 2016-12-05 05:12:55 | 81.218.71.217 | shared6.lighthost.co.il | Not listed | AS8551 | BEZEQ-INTERNATIONAL-AS Bezeqint Internet[...] | Israel (IL) |

# IPs found: 4 (max. 25)

Dropped files

Latest 100 files (malware samples) dropped by this distribution site.

| Firstseen (UTC) | MD5 hash | Filesize | VT | Signature |
|---|---|---|---|---|
| 2016-11-22 17:15:55 | 21672783618c78969b06997205ae2d03 | 185'099 bytes | Virustotal results 2/54 (3.70%) | n/a |

Unique dropped files: 1