Locky Distribution Site :: ontheblocks.com

Host Information

Locky Distribution Site: ontheblocks.com
Threat: Distribution Site
Malware: Locky
URL: http://ontheblocks.com/IOvTGJ.exe
Host Status: offline
Blacklist check: Spamhaus DBL: Not Listed; SURBL: Not Listed
Domain Registrar: ENOM, INC.
Nameserver(s): nsg1.namebrightdns.com, nsg2.namebrightdns.com
Firstseen (UTC): 2016-05-25 08:47:40
Lastseen (UTC): never

Associated IP addresses

The table below shows all IP addresses (e.g. A records) associated with this Locky Distribution Site. If the host is a domain name, the table also shows a history of previous A records, if there are any.

Active: This row indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address).
yes = Active A record
no = Historical record
Active | Firstseen (UTC) | Lastseen (UTC) | IP address | Hostname | SBL | AS number | AS name | Country
yes | 2018-12-04 04:50:19 | 2019-09-15 04:32:51 | 23.20.239.12 | ec2-23-20-239-12.compute-1.amazonaws.com | Not listed | AS14618 | AMAZON-AES - Amazon.com, Inc., US | United States (US)
no | 2018-03-01 01:34:03 | 2018-04-04 01:27:19 | 91.195.240.103 | custip-1103.sedoparking.com | Not listed | AS47846 | SEDO-AS, DE | Germany (DE)
no | 2016-05-25 09:12:15 | 2016-08-02 17:53:14 | 143.95.79.232 | ip-143-95-79-232.iplocal | Not listed | AS36024 | | United States (US)
no | 2016-08-04 11:17:13 | 2017-05-09 01:33:09 | 8.5.1.44 | | Not listed | AS21740 | ENOMAS1 - eNom, Incorporated, US | United States (US)
no | 2017-05-10 01:39:11 | 2018-02-28 01:29:08 | 69.64.147.35 | ash.parking.local | Not listed | AS55002 | ENOMAS1 - eNom, Incorporated, US | United States (US)
no | 2018-11-15 04:48:07 | 2018-11-29 04:39:58 | 54.208.56.179 | ec2-54-208-56-179.compute-1.amazonaws.com | Not listed | AS14618 | AMAZON-AES - Amazon.com, Inc., US | United States (US)
no | 2018-11-11 04:50:16 | 2018-12-03 04:42:20 | 54.165.193.163 | ec2-54-165-193-163.compute-1.amazonaws.com | Not listed | AS14618 | AMAZON-AES - Amazon.com, Inc., US | United States (US)
no | 2018-10-19 04:41:29 | 2018-10-25 04:43:49 | 54.144.21.246 | ec2-54-144-21-246.compute-1.amazonaws.com | Not listed | AS14618 | AMAZON-AES - Amazon.com, Inc., US | United States (US)
no | 2018-11-01 04:43:44 | 2018-12-03 04:42:19 | 52.86.122.241 | ec2-52-86-122-241.compute-1.amazonaws.com | Not listed | AS14618 | AMAZON-AES - Amazon.com, Inc., US | United States (US)
no | 2018-11-14 04:49:11 | 2018-11-29 04:39:58 | 52.73.179.54 | ec2-52-73-179-54.compute-1.amazonaws.com | Not listed | AS14618 | AMAZON-AES - Amazon.com, Inc., US | United States (US)
no | 2018-11-14 04:49:12 | 2018-11-15 04:48:06 | 52.6.234.76 | ec2-52-6-234-76.compute-1.amazonaws.com | Not listed | AS14618 | AMAZON-AES - Amazon.com, Inc., US | United States (US)
no | 2018-10-18 04:45:32 | 2018-10-31 04:40:56 | 52.55.164.156 | ec2-52-55-164-156.compute-1.amazonaws.com | Not listed | AS14618 | AMAZON-AES - Amazon.com, Inc., US | United States (US)
no | 2018-10-31 04:40:56 | never | 52.54.154.33 | ec2-52-54-154-33.compute-1.amazonaws.com | Not listed | AS14618 | AMAZON-AES - Amazon.com, Inc., US | United States (US)
no | 2018-10-18 04:45:32 | never | 52.5.251.20 | ec2-52-5-251-20.compute-1.amazonaws.com | Not listed | AS14618 | AMAZON-AES - Amazon.com, Inc., US | United States (US)
no | 2018-10-26 04:40:52 | 2018-10-30 04:44:06 | 52.3.123.192 | ec2-52-3-123-192.compute-1.amazonaws.com | Not listed | AS14618 | AMAZON-AES - Amazon.com, Inc., US | United States (US)
no | 2018-10-19 04:41:29 | 2018-11-06 04:51:34 | 52.22.89.169 | ec2-52-22-89-169.compute-1.amazonaws.com | Not listed | AS14618 | AMAZON-AES - Amazon.com, Inc., US | United States (US)
no | 2018-10-17 04:45:28 | never | 34.195.144.62 | ec2-34-195-144-62.compute-1.amazonaws.com | Not listed | AS14618 | AMAZON-AES - Amazon.com, Inc., US | United States (US)

# IPs found: 17 (max. 25)

Dropped files

Latest 100 files (malware samples) dropped by this distribution site.

Firstseen (UTC) | MD5 hash | Filesize | VT | Signature
2016-05-25 09:12:14 | 7b56ce19f72c349288d55a565189726b | 313'856 bytes | Virustotal results 39/57 (68.42%) | n/a

Unique dropped files: 1