Locky Distribution Site :: www.disquesanciens.com
Host Information
| Locky Distribution Site: | www.disquesanciens.com | |
|---|---|---|
| Threat: | Distribution Site | |
| Malware: | Locky | |
| Host Status: | ||
| Blacklist check: | Spamhaus DBL: | |
| SURBL: | ||
| Domain Registar: | NETWORK SOLUTIONS, LLC. | |
| Firstseen (UTC): | 2016-11-03 15:28:51 | |
| Lastseen (UTC): | never | |
Ransomware URLs
The table below shows all associated Ransomware URLs located on this host.
| Firstseen (UTC) | URL (?URL assocaited with this Ransomware. The leading dots (Red, Green, Grey) indicate whether the URL is active or not. Red = Online Green = Offline Grey = Unknown) | Threat | Malware |
|---|---|---|---|
| 2016-12-21 10:03:17 | http://www.disquesanciens.com/87gyub | ||
| 2016-12-21 06:04:29 | http://www.disquesanciens.com/drhngbr | ||
| 2016-11-03 15:28:51 | http://www.disquesanciens.com/kry488 |
# of URLs: 3
Associated IP addresses
The table below shows all ip addresses (e.g. A records) associated with this Locky Distribution Site. In case the host is a domain name, the table also shows a history of previous A records if there are any.
| Active (?This row indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address). yes = Active A record no = Historical record) | Firstseen (UTC) | Lastseen (UTC) | IP address | Hostname | SBL | AS number | AS name | Country |
|---|---|---|---|---|---|---|---|---|
| yes | 2018-07-31 01:05:39 | 2019-07-24 01:53:19 | 217.70.191.57 | xvm-191-57.dc0.ghst.net | Not listed | AS29169 | GANDI-AS Domain name registrar - http://[...] |  France (FR) |
| no | 2018-06-30 01:04:41 | 2018-07-30 01:59:45 | 155.133.130.77 | xvm-130-77.dc3.ghst.net | Not listed | AS203476 | GANDI-AS-2 Domain name registrar - http:[...] | France (FR) |
| no | 2016-11-03 17:04:24 | 2017-01-01 21:57:31 | 195.8.66.220 | host-vh.fr.clara.net | Not listed | AS8426 | CLARANET-AS ClaraNET LTD, GB |  United Kingdom (GB) |
| no | 2017-01-03 10:58:11 | 2017-01-20 10:33:35 | 217.70.180.135 | gpaas5.dc0.gandi.net | Not listed | AS29169 | GANDI-AS Domain name registrar - http://[...] | France (FR) |
| no | 2017-01-01 23:41:34 | 2017-01-03 09:16:12 | 217.70.184.38 | webredir.vip.gandi.net | Not listed | AS29169 | GANDI-AS Domain name registrar - http://[...] | France (FR) |
| no | 2017-01-20 10:40:02 | 2018-06-29 02:00:10 | 95.142.166.201 | xvm-166-201.dc0.ghst.net | Not listed | AS29169 | GANDI-AS Domain name registrar - http://[...] | France (FR) |
# IPs found: 6 (max. 25)
Dropped files
Latest 100 files (malware samples) dropped by this distribution site.
| Firstseen (UTC) | MD5 hash | Filesize | VT | Signature |
|---|---|---|---|---|
| 2016-11-03 17:04:14 | b24724d5d9079d3dd05090d59e72aadc | 185'344 bytes |  10/57 (17.54%)
| n/a |
Unique dropped files: 1