Locky Distribution Site :: nitrogenwebs.com

This database entry has been flagged as "fixed / cleaned" and is therefore not being published on the Ransomware Tracker blocklist

Host Information

Locky Distribution Site: nitrogenwebs.com
Threat: Distribution Site
Malware: Locky
URL: http://nitrogenwebs.com/g76dbf
Host Status: offline
Blacklist check: Spamhaus DBL: Not Listed
 SURBL: Not Listed
Domain Registrar: ENOM, INC.
Nameserver(s): jm1.dns.com
 jm2.dns.com
Firstseen (UTC): 2016-10-25 14:56:34
Lastseen (UTC): never

Associated IP addresses

The table below shows all IP addresses (e.g. A records) associated with this Locky Distribution Site. If the host is a domain name, the table also shows a history of previous A records, if there are any.

The Active column indicates whether the domain name's A record is currently pointing to an IP address (yes = active A record) or whether the record is historic (no = historical record), e.g. because the A record has been moved to a different IP address.

| Active | Firstseen (UTC) | Lastseen (UTC) | IP address | Hostname | SBL | AS number | AS name | Country |
|---|---|---|---|---|---|---|---|---|
| yes | 2019-07-14 05:27:18 | 2019-11-14 05:26:31 | 154.206.129.26 | | Not listed | AS134705 | ITACE-AS-AP Itace International Limited,[...] | South Africa (ZA) |
| no | 2016-11-08 22:24:32 | 2016-12-12 14:11:41 | 162.255.119.249 | | Not listed | AS22612 | NAMECHEAP-NET - Namecheap, Inc., US | United States (US) |
| no | 2019-03-19 05:31:45 | 2019-04-28 05:27:36 | 198.54.117.197 | | Not listed | AS22612 | NAMECHEAP-NET - Namecheap, Inc., US | United States (US) |
| no | 2019-03-19 05:31:45 | 2019-04-28 05:27:36 | 198.54.117.198 | | Not listed | AS22612 | NAMECHEAP-NET - Namecheap, Inc., US | United States (US) |
| no | 2019-03-19 05:31:44 | 2019-04-28 05:27:36 | 198.54.117.199 | | Not listed | AS22612 | NAMECHEAP-NET - Namecheap, Inc., US | United States (US) |
| no | 2019-03-19 05:31:44 | 2019-04-28 05:27:36 | 198.54.117.200 | | Not listed | AS22612 | NAMECHEAP-NET - Namecheap, Inc., US | United States (US) |
| no | 2018-11-01 05:52:05 | 2019-03-18 05:30:53 | 199.188.200.142 | premium43-3.web-hosting.com | Not listed | AS22612 | NAMECHEAP-NET - Namecheap, Inc., US | United States (US) |
| no | 2019-06-25 05:25:02 | 2019-07-13 05:28:53 | 43.255.29.67 | | Not listed | AS133199 | SONDERCLOUDLIMITED-AS-AP SonderCloud Lim[...] | Hong Kong (HK) |
| no | 2019-06-12 05:25:44 | 2019-06-24 05:24:53 | 45.43.33.38 | | Not listed | AS21859 | ZNET - Zenlayer Inc, US | United States (US) |
| no | 2016-10-25 15:33:27 | 2018-10-31 05:50:11 | 68.65.122.107 | premium22-5.web-hosting.com | Not listed | AS22612 | NAMECHEAP-NET - Namecheap, Inc., US | United States (US) |

# IPs found: 10 (max. 25)

Dropped files

Latest 100 files (malware samples) dropped by this distribution site.

| Firstseen (UTC) | MD5 hash | Filesize | VT | Signature |
|---|---|---|---|---|
| 2016-10-25 15:24:48 | 41c2644723ee69c979c0b00e28084132 | 278'528 bytes | Virustotal results 22/60 (36.67%) | n/a |

Unique dropped files: 1