Locky Distribution Site :: sathiyapariwar.com

Host Information

Locky Distribution Site: sathiyapariwar.com
Threat: Distribution Site
Malware: Locky
URL: http://sathiyapariwar.com/t76f3g
Host Status: offline
Blacklist check: Spamhaus DBL: Not Listed
 SURBL: Not Listed
Domain Registrar: GODADDY.COM, LLC
Nameserver(s): dns1.p05.nsone.net
 dns2.p05.nsone.net
 dns3.p05.nsone.net
 dns4.p05.nsone.net
Firstseen (UTC): 2016-10-26 12:24:41
Lastseen (UTC): never

Associated IP addresses

The table below shows all IP addresses (e.g. A records) associated with this Locky Distribution Site. If the host is a domain name, the table also shows the history of previous A records, if there are any.

The Active column indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address): yes = Active A record, no = Historical record.

| Active | Firstseen (UTC) | Lastseen (UTC) | IP address | Hostname | SBL | AS number | AS name | Country |
|---|---|---|---|---|---|---|---|---|
| yes | 2019-07-09 03:15:57 | 2019-10-19 03:17:10 | 142.93.122.177 | | Not listed | AS14061 | DIGITALOCEAN-ASN - DigitalOcean, LLC, US | Canada (CA) |
| no | 2016-10-26 12:26:48 | 2016-12-26 10:13:20 | 103.224.23.124 | | Not listed | AS394695 | PUBLIC-DOMAIN-REGISTRY - PDR, US | United Arab Emirates (AE) |
| no | 2019-07-18 03:15:34 | 2019-10-10 03:21:16 | 104.248.120.187 | | Not listed | AS14061 | DIGITALOCEAN-ASN - DigitalOcean, LLC, US | United States (US) |
| no | 2018-03-28 01:23:40 | 2019-03-22 03:15:43 | 142.4.5.74 | server.alinasoftwares.in | Not listed | AS46606 | UNIFIEDLAYER-AS-1 - Unified Layer, US | United States (US) |
| no | 2019-03-29 03:20:17 | 2019-07-07 03:16:02 | 162.144.90.141 | 162-144-90-141.unifiedlayer.com | Not listed | AS46606 | UNIFIEDLAYER-AS-1 - Unified Layer, US | United States (US) |
| no | 2019-07-08 03:15:03 | 2019-10-18 03:16:20 | 167.99.4.63 | | Not listed | AS14061 | DIGITALOCEAN-ASN - DigitalOcean, LLC, US | United States (US) |
| no | 2017-07-27 01:00:19 | 2017-07-28 01:00:19 | 185.62.36.138 | | Not listed | AS60558 | SECUREDSERVERS-, EU | Netherlands (NL) |
| no | 2016-12-29 10:46:26 | 2017-04-18 01:02:42 | 192.254.142.192 | ebu.ebunchapps.com | Not listed | AS46606 | UNIFIEDLAYER-AS-1 - Unified Layer, US | United States (US) |
| no | 2019-08-04 03:18:18 | 2019-09-19 03:15:54 | 198.199.66.189 | | Not listed | AS14061 | DIGITALOCEAN-ASN - DigitalOcean, LLC, US | United States (US) |
| no | 2019-07-16 03:15:58 | 2019-10-02 03:15:19 | 34.200.233.150 | ec2-34-200-233-150.compute-1.amazonaws.com | Not listed | AS14618 | AMAZON-AES - Amazon.com, Inc., US | United States (US) |
| no | 2017-08-24 01:00:31 | 2017-11-29 03:17:16 | 50.28.1.244 | cloude.xdnscloud.com | Not listed | AS32244 | LIQUID-WEB-INC - Liquid Web, L.L.C, US | United States (US) |
| no | 2017-12-02 03:17:05 | 2018-03-27 01:22:23 | 93.115.27.142 | mega.xdnscloud.com | Not listed | AS16125 | CHERRYSERVERS1-AS, LT | Lithuania (LT) |
| no | 2017-04-19 01:02:25 | 2017-07-19 01:00:23 | 98.142.108.178 | usa.xozz.com | Not listed | AS33182 | DIMENOC - HostDime.com, Inc., US | India (IN) |

# IPs found: 13 (max. 25)

Dropped files

Latest 100 files (malware samples) dropped by this distribution site.

| Firstseen (UTC) | MD5 hash | Filesize | VT | Signature |
|---|---|---|---|---|
| 2016-10-27 01:00:41 | c1ba0818c697c3c1a556c7dfdcb1edd4 | 286'720 bytes | Virustotal results 15/59 (25.42%) | # Not authorized |
| 2016-10-26 10:26:32 | d17d1d63c242d71fcfd41fd506b8dee5 | 278'528 bytes | Virustotal results 0/54 (0.00%) | n/a |

Unique dropped files: 2