Locky Distribution Site :: manhtienphat.com

Host Information

Locky Distribution Site: manhtienphat.com
Threat: Distribution Site
Malware: Locky
URL: http://manhtienphat.com/5ko2h
Host Status: offline
Blacklist check: Spamhaus DBL: Not Listed; SURBL: Not Listed
Domain Registrar: MAT BAO TRADING & SERVICE COMPANY LIMITED D/B/A MAT BAO
Nameserver(s): ns1.matbao.com, ns2.matbao.com
Firstseen (UTC): 2016-11-22 08:30:18
Lastseen (UTC): never

Associated IP addresses

The table below shows all IP addresses (e.g. A records) associated with this Locky Distribution Site. If the host is a domain name, the table also shows a history of previous A records, if there are any.

Active: This row indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address). yes = Active A record; no = Historical record.

| Active | Firstseen (UTC) | Lastseen (UTC) | IP address | Hostname | SBL | AS number | AS name | Country |
|---|---|---|---|---|---|---|---|---|
| yes | 2019-03-01 03:30:17 | 2019-10-20 03:29:28 | 207.148.89.200 | 207.148.89.200.vultr.com | Not listed | AS20473 | AS-CHOOPA - Choopa, LLC, US | Canada (CA) |
| no | 2016-11-22 10:18:11 | 2017-02-26 02:14:40 | 103.9.76.115 | c6.vinahost.vn | Not listed | AS7643 | VNPT-AS-VN Vietnam Posts and Telecommuni[...] | Vietnam (VN) |
| no | 2018-02-13 01:31:01 | 2018-05-03 01:30:18 | 104.200.22.130 | nb-104-200-22-130.dallas.nodebalancer.linode.com | Not listed | AS63949 | LINODE-AP Linode, LLC, US | United States (US) |
| no | 2018-02-13 01:31:02 | 2018-05-03 01:30:19 | 104.200.23.95 | nb-104-200-23-95.dallas.nodebalancer.linode.com | Not listed | AS63949 | LINODE-AP Linode, LLC, US | United States (US) |
| no | 2018-09-13 03:35:59 | 2019-02-28 03:27:55 | 125.212.252.2 | | Not listed | AS7552 | VTDC-AS-VN Vietel - CHT Compamy Ltd, VN | Vietnam (VN) |
| no | 2017-02-27 02:16:18 | 2017-03-27 02:18:52 | 209.99.40.226 | 209-99-40-226.fwd.datafoundry.com | Not listed | AS3900 | TEXASNET-ASN - YHC Corporation, US | United States (US) |
| no | 2017-05-04 02:13:26 | never | 34.200.65.177 | ec2-34-200-65-177.compute-1.amazonaws.com | Not listed | AS14618 | AMAZON-AES - Amazon.com, Inc., US | United States (US) |
| no | 2019-09-13 03:27:57 | 2019-09-23 03:31:45 | 35.240.224.208 | 208.224.240.35.bc.googleusercontent.com | Not listed | AS15169 | GOOGLE - Google LLC, US | United States (US) |
| no | 2017-05-07 02:21:46 | 2018-02-12 01:33:04 | 45.33.9.234 | li963-234.members.linode.com | Not listed | AS63949 | LINODE-AP Linode, LLC, US | United States (US) |
| no | 2018-06-03 01:29:44 | 2018-06-12 01:32:43 | 52.7.102.57 | ec2-52-7-102-57.compute-1.amazonaws.com | Not listed | AS14618 | AMAZON-AES - Amazon.com, Inc., US | United States (US) |
| no | 2018-06-03 01:29:44 | 2018-06-12 01:32:43 | 52.71.245.135 | ec2-52-71-245-135.compute-1.amazonaws.com | Not listed | AS14618 | AMAZON-AES - Amazon.com, Inc., US | United States (US) |
| no | 2017-05-04 02:13:27 | never | 54.84.86.222 | ec2-54-84-86-222.compute-1.amazonaws.com | Not listed | AS14618 | AMAZON-AES - Amazon.com, Inc., US | United States (US) |
| no | 2018-09-30 03:38:30 | 2018-10-14 03:35:17 | 74.119.239.234 | | Not listed | AS394695 | PUBLIC-DOMAIN-REGISTRY - PDR, US | United States (US) |

# IPs found: 13 (max. 25)

Dropped files

Latest 100 files (malware samples) dropped by this distribution site.

| Firstseen (UTC) | MD5 hash | Filesize | VT | Signature |
|---|---|---|---|---|
| 2016-11-22 10:18:01 | 33f54aa84a7a951643c400233544d4ca | 119'808 bytes | Virustotal results 3/55 (5.45%) | n/a |

Unique dropped files: 1