Locky Distribution Site :: papercraftstyle.com
Host Information
| Locky Distribution Site: | papercraftstyle.com | |
|---|---|---|
| Threat: | Distribution Site | |
| Malware: | Locky | |
| Host Status: | ||
| Blacklist check: | Spamhaus DBL: | |
| SURBL: | ||
| Domain Registar: | ENOM, INC. | |
| Nameserver(s): | sk.s5.ans1.ns148.ztomy.com | |
| sk.s5.ans2.ns148.ztomy.com | ||
| Firstseen (UTC): | 2016-11-23 10:35:04 | |
| Lastseen (UTC): | never | |
Ransomware URLs
The table below shows all associated Ransomware URLs located on this host.
| Firstseen (UTC) | URL (?URL assocaited with this Ransomware. The leading dots (Red, Green, Grey) indicate whether the URL is active or not. Red = Online Green = Offline Grey = Unknown) | Threat | Malware |
|---|---|---|---|
| 2016-12-08 13:34:09 | http://papercraftstyle.com/hb74 | ||
| 2016-11-23 10:35:04 | http://papercraftstyle.com/988gd4 |
# of URLs: 2
Associated IP addresses
The table below shows all ip addresses (e.g. A records) associated with this Locky Distribution Site. In case the host is a domain name, the table also shows a history of previous A records if there are any.
| Active (?This row indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address). yes = Active A record no = Historical record) | Firstseen (UTC) | Lastseen (UTC) | IP address | Hostname | SBL | AS number | AS name | Country |
|---|---|---|---|---|---|---|---|---|
| yes | 2018-07-01 03:03:17 | 2019-10-23 02:55:03 | 208.91.197.46 | Not listed | AS40034 | CONFLUENCE-NETWORK-INC - Confluence Netw[...] |  Virgin Islands, British (VG) | |
| no | 2018-09-19 02:14:57 | 2019-09-18 02:08:12 | 64.32.8.67 | customer.sharktech.net | Not listed | AS46844 | ST-BGP - Sharktech, US |  United States (US) |
| no | 2018-09-18 02:14:51 | 2019-09-16 02:56:18 | 46.166.182.112 | Not listed | AS43350 | NFORCE, NL |  Netherlands (NL) | |
| no | 2018-10-01 02:13:17 | 2019-08-19 02:07:35 | 46.166.182.113 | Not listed | AS43350 | NFORCE, NL | Netherlands (NL) | |
| no | 2018-09-24 03:01:37 | 2019-09-18 02:55:46 | 46.166.182.114 | Not listed | AS43350 | NFORCE, NL | Netherlands (NL) | |
| no | 2018-11-11 02:12:47 | 2019-08-06 02:53:34 | 46.166.182.115 | Not listed | AS43350 | NFORCE, NL | Netherlands (NL) | |
| no | 2018-10-15 02:12:50 | 2019-08-25 02:55:27 | 46.166.182.116 | Not listed | AS43350 | NFORCE, NL | Netherlands (NL) | |
| no | 2019-06-10 02:07:42 | 2019-08-27 02:09:23 | 5.79.68.107 | Not listed | AS60781 | LEASEWEB-NL-AMS-01 Netherlands, NL | Netherlands (NL) | |
| no | 2019-07-02 02:07:00 | 2019-09-09 02:54:33 | 5.79.68.108 | Not listed | AS60781 | LEASEWEB-NL-AMS-01 Netherlands, NL | Netherlands (NL) | |
| no | 2019-06-01 02:54:30 | 2019-09-08 02:07:32 | 5.79.68.109 | Not listed | AS60781 | LEASEWEB-NL-AMS-01 Netherlands, NL | Netherlands (NL) | |
| no | 2019-06-17 02:55:06 | 2019-08-12 02:07:51 | 5.79.68.110 | Not listed | AS60781 | LEASEWEB-NL-AMS-01 Netherlands, NL | Netherlands (NL) | |
| no | 2018-09-21 02:13:29 | 2019-07-13 02:06:45 | 46.166.182.111 | Not listed | AS43350 | NFORCE, NL | Netherlands (NL) | |
| no | 2018-10-05 02:59:21 | 2019-09-10 02:07:54 | 64.32.8.68 | customer.sharktech.net | Not listed | AS46844 | ST-BGP - Sharktech, US | United States (US) |
| no | 2018-09-23 02:13:39 | 2019-09-09 02:07:54 | 64.32.8.69 | customer.sharktech.net | Not listed | AS46844 | ST-BGP - Sharktech, US | United States (US) |
| no | 2018-09-18 03:01:04 | 2019-09-15 02:54:06 | 64.32.8.70 | customer.sharktech.net | Not listed | AS46844 | ST-BGP - Sharktech, US | United States (US) |
| no | 2017-05-15 01:48:05 | 2017-05-21 01:45:32 | 69.64.147.39 | ash.parking.local | Not listed | AS55002 | ENOMAS1 - eNom, Incorporated, US | United States (US) |
| no | 2017-05-11 01:45:37 | 2017-05-14 01:52:03 | 69.64.147.47 | ash.parking.local | Not listed | AS55002 | ENOMAS1 - eNom, Incorporated, US | United States (US) |
| no | 2019-03-29 02:58:43 | 2019-05-22 02:06:47 | 81.171.22.4 | Not listed | AS60781 | LEASEWEB-NL-AMS-01 Netherlands, NL | Netherlands (NL) | |
| no | 2019-03-26 02:04:03 | 2019-05-23 02:08:07 | 81.171.22.5 | Not listed | AS60781 | LEASEWEB-NL-AMS-01 Netherlands, NL | Netherlands (NL) | |
| no | 2019-03-28 02:56:54 | 2019-05-25 02:54:30 | 81.171.22.6 | Not listed | AS60781 | LEASEWEB-NL-AMS-01 Netherlands, NL | Netherlands (NL) | |
| no | 2019-03-31 02:05:17 | 2019-05-14 02:55:03 | 81.171.22.7 | Not listed | AS60781 | LEASEWEB-NL-AMS-01 Netherlands, NL | Netherlands (NL) | |
| no | 2017-04-11 01:45:59 | 2017-05-10 02:02:27 | 98.124.243.38 | Not listed | AS21740 | ENOMAS1 - eNom, Incorporated, US | United States (US) | |
| no | 2018-09-24 02:13:38 | 2019-09-13 02:56:11 | 207.244.67.214 | Not listed | AS30633 | LEASEWEB-USA-WDC-01 - Leaseweb USA, Inc.[...] | United States (US) | |
| no | 2019-06-01 02:06:44 | 2019-09-19 02:53:27 | 162.210.195.122 | Not listed | AS30633 | LEASEWEB-USA-WDC-01 - Leaseweb USA, Inc.[...] | United States (US) | |
| no | 2019-06-09 02:06:50 | 2019-09-17 02:08:04 | 162.210.195.123 | Not listed | AS30633 | LEASEWEB-USA-WDC-01 - Leaseweb USA, Inc.[...] | United States (US) |
# IPs found: 25 (max. 25)
Dropped files
Latest 100 files (malware samples) dropped by this distribution site.
| Firstseen (UTC) | MD5 hash | Filesize | VT | Signature |
|---|---|---|---|---|
| 2016-12-08 16:48:12 | f02e6a4094f16c643aeb2e1510f24d40 | 172'032 bytes |  6/55 (10.91%)
| n/a |
| 2016-12-05 04:47:28 | 214edbdb68ad7c7748a3f1d181f3048c | 62'074 bytes | n/a | n/a |
| 2016-11-23 12:50:51 | a848b6d934744a8228e861d3ca6f6e5f | 262'144 bytes | 9/54 (16.67%)
| n/a |
Unique dropped files: 3