Locky Distribution Site :: srijanexportstowelwarmers.co.uk

Host Information

Locky Distribution Site: srijanexportstowelwarmers.co.uk
Threat: Distribution Site
Malware: Locky
URL: http://srijanexportstowelwarmers.co.uk/k9owpa
Host Status: offline
Blacklist check: Spamhaus DBL: Not Listed; SURBL: Not Listed
Domain Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com t/a PublicDomainRegistry.com
Firstseen (UTC): 2016-03-30 16:33:35
Lastseen (UTC): never

Associated IP addresses

The table below shows all IP addresses (e.g. A records) associated with this Locky Distribution Site. If the host is a domain name, the table also shows a history of previous A records, if there are any.

The "Active" column indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address): yes = Active A record, no = Historical record.

Active | Firstseen (UTC) | Lastseen (UTC) | IP address | Hostname | SBL | AS number | AS name | Country
no | 2018-11-18 07:08:26 | 2018-11-19 07:09:48 | 0.0.0.0 | | Not listed | AS0 | n/a |
no | 2018-11-27 07:08:20 | 2018-12-03 07:05:28 | 199.59.242.151 | | Not listed | AS395082 | BODIS-NJ - Bodis, LLC, US | United States (US)
no | 2016-03-30 16:33:35 | 2018-04-04 01:45:37 | 213.52.128.146 | li951-146.members.linode.com | Not listed | AS63949 | TELECITY-LON, GB | United Kingdom (GB)
no | 2018-11-20 07:09:36 | 2018-12-17 07:06:55 | 54.72.9.51 | ec2-54-72-9-51.eu-west-1.compute.amazonaws.com | Not listed | AS16509 | AMAZON-02 - Amazon.com, Inc., US | Ireland (IE)
no | 2018-12-04 07:14:33 | 2019-09-20 07:10:08 | 91.195.240.92 | | Not listed | AS47846 | SEDO-AS, DE | Germany (DE)

# IPs found: 5 (max. 25)

Dropped files

Latest 100 files (malware samples) dropped by this distribution site.

Firstseen (UTC) | MD5 hash | Filesize | VT | Signature
2016-04-21 09:06:25 | f32d232fde08c1453a2061119309c0a0 | 58'190 bytes | n/a | ERROR: Too many connections
2016-03-30 16:54:53 | 8432513c00a5933f6a9f89e5462353dd | 162'304 bytes | Virustotal results 7/57 (12.28%) | Locky

Unique dropped files: 2