Locky Distribution Site :: tamsoon.net

Host Information

Locky Distribution Site: tamsoon.net
Threat: Distribution Site
Malware: Locky
URL: http://tamsoon.net/ec1jyz3fu
Host Status: offline
Blacklist check: Spamhaus DBL: Not Listed; SURBL: Not Listed
Domain Registrar: WEST263 INTERNATIONAL LIMITED
Nameserver(s): f1g1ns1.dnspod.net, f1g1ns2.dnspod.net
Firstseen (UTC): 2016-12-06 13:44:02
Lastseen (UTC): never

Associated IP addresses

The table below shows all IP addresses (e.g. A records) associated with this Locky Distribution Site. If the host is a domain name, the table also shows a history of previous A records, if there are any.

The Active column indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address): yes = Active A record, no = Historical record.

Active | Firstseen (UTC) | Lastseen (UTC) | IP address | Hostname | SBL | AS number | AS name | Country
yes | 2019-02-15 05:49:40 | 2019-10-22 05:45:37 | 45.193.44.107 | | Not listed | AS134548 | DXTL-HK DXTL Tseung Kwan O Service, HK | Hong Kong (HK)
no | 2017-09-17 01:11:14 | 2017-10-10 01:34:01 | 104.27.130.55 | | Not listed | AS13335 | CLOUDFLARENET - CloudFlare, Inc., US | United States (US)
no | 2017-09-17 01:11:13 | 2017-10-10 01:33:50 | 104.27.131.55 | | Not listed | AS13335 | CLOUDFLARENET - CloudFlare, Inc., US | United States (US)
no | 2016-12-06 14:08:17 | 2017-09-07 01:10:36 | 122.114.82.117 | | Not listed | AS37943 | CNNIC-GIANT ZhengZhou GIANT Computer Net[...] | China (CN)
no | 2018-12-20 05:49:19 | 2019-02-14 05:50:08 | 154.222.39.33 | | Not listed | AS134705 | ITACE-AS-AP Itace International Limited,[...] | United States (US)
no | 2018-10-06 05:54:34 | 2018-10-22 05:56:31 | 47.91.202.66 | | Not listed | AS45102 | CNNIC-ALIBABA-CN-NET-AP Alibaba (China) [...] | United States (US)
no | 2018-10-23 05:55:26 | never | 47.91.205.63 | | Not listed | AS45102 | CNNIC-ALIBABA-CN-NET-AP Alibaba (China) [...] | United States (US)
no | 2017-04-25 04:15:18 | 2017-05-11 01:00:41 | 50.117.113.220 | | Not listed | AS18779 | EGIHOSTING - EGIHosting, US | United States (US)
no | 2017-05-12 01:00:15 | 2017-05-14 01:00:24 | 50.117.113.222 | | Not listed | AS18779 | EGIHOSTING - EGIHosting, US | United States (US)

# IPs found: 9 (max. 25)

Dropped files

Latest 100 files (malware samples) dropped by this distribution site.

Firstseen (UTC) | MD5 hash | Filesize | VT | Signature
2017-01-02 04:00:33 | 4a82117a6b3a2f91c72b3996485d2c4f | 25'687 bytes | n/a | n/a
2016-12-06 14:07:55 | 0681b04f2588963408a3335a6b0f5b6c | 155'571 bytes | Virustotal results 9/55 (16.36%) | n/a

Unique dropped files: 2