Locky Distribution Site :: baankonkoh.com
Host Information
| Locky Distribution Site: | baankonkoh.com | |
|---|---|---|
| Threat: | Distribution Site | |
| Malware: | Locky | |
| Host Status: | ||
| Blacklist check: | Spamhaus DBL: | |
| SURBL: | ||
| Domain Registar: | ONLINENIC, INC. | |
| Nameserver(s): | ns1.redmonddc.com | |
| ns2.redmonddc.com | ||
| Firstseen (UTC): | 2016-09-29 09:42:51 | |
| Lastseen (UTC): | never | |
Ransomware URLs
The table below shows all associated Ransomware URLs located on this host.
| Firstseen (UTC) | URL (?URL assocaited with this Ransomware. The leading dots (Red, Green, Grey) indicate whether the URL is active or not. Red = Online Green = Offline Grey = Unknown) | Threat | Malware |
|---|---|---|---|
| 2016-11-04 06:21:05 | http://baankonkoh.com/gy3fmm7k | ||
| 2016-09-29 09:42:51 | http://baankonkoh.com/hhon5mma |
# of URLs: 2
Associated IP addresses
The table below shows all ip addresses (e.g. A records) associated with this Locky Distribution Site. In case the host is a domain name, the table also shows a history of previous A records if there are any.
| Active (?This row indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address). yes = Active A record no = Historical record) | Firstseen (UTC) | Lastseen (UTC) | IP address | Hostname | SBL | AS number | AS name | Country |
|---|---|---|---|---|---|---|---|---|
| yes | 2019-07-28 04:04:41 | 2019-12-05 07:55:29 | 151.106.5.172 | Not listed | AS29066 | VELIANET-AS velia.net Internetdienste Gm[...] |  United States (US) | |
| no | 2018-07-19 04:17:47 | 2019-12-02 04:04:17 | 192.155.108.151 | Not listed | AS29066 | VELIANET-AS velia.net Internetdienste Gm[...] | United States (US) | |
| no | 2018-07-22 07:52:59 | 2019-11-29 07:47:44 | 192.155.108.150 | Not listed | AS29066 | VELIANET-AS velia.net Internetdienste Gm[...] | United States (US) | |
| no | 2019-08-14 04:02:51 | 2019-10-24 04:04:24 | 192.155.108.152 | Not listed | AS29066 | VELIANET-AS velia.net Internetdienste Gm[...] | United States (US) | |
| no | 2019-07-23 07:45:45 | 2019-11-21 07:49:47 | 192.155.108.153 | Not listed | AS29066 | VELIANET-AS velia.net Internetdienste Gm[...] | United States (US) | |
| no | 2019-08-19 07:42:34 | 2019-11-05 04:02:31 | 192.155.108.154 | Not listed | AS29066 | VELIANET-AS velia.net Internetdienste Gm[...] | United States (US) | |
| no | 2019-07-24 04:02:42 | 2019-11-26 04:03:40 | 192.155.108.155 | Not listed | AS29066 | VELIANET-AS velia.net Internetdienste Gm[...] | United States (US) | |
| no | 2019-08-20 07:32:43 | 2019-12-03 07:48:55 | 192.155.108.156 | Not listed | AS29066 | VELIANET-AS velia.net Internetdienste Gm[...] | United States (US) | |
| no | 2019-08-01 04:02:22 | 2019-11-30 04:03:31 | 192.155.108.157 | Not listed | AS29066 | VELIANET-AS velia.net Internetdienste Gm[...] | United States (US) | |
| no | 2018-07-21 04:21:55 | 2019-12-04 07:43:01 | 192.155.108.158 | Not listed | AS29066 | VELIANET-AS velia.net Internetdienste Gm[...] | United States (US) | |
| no | 2019-11-07 04:02:01 | never | 207.244.67.138 | Not listed | AS30633 | LEASEWEB-USA-WDC-01 - Leaseweb USA, Inc.[...] | United States (US) | |
| no | 2019-11-06 07:46:38 | 2019-11-09 04:02:57 | 207.244.67.139 | Not listed | AS30633 | LEASEWEB-USA-WDC-01 - Leaseweb USA, Inc.[...] | United States (US) | |
| no | 2016-09-29 10:31:37 | 2019-07-18 07:41:25 | 210.1.58.38 | ns47.4gbhost.com | Not listed | AS4750 | CSLOX-IDC-AS-AP CS LOXINFO Public Compan[...] |  Thailand (TH) |
| no | 2019-11-11 07:44:20 | never | 37.48.65.136 | Not listed | AS60781 | LEASEWEB-NL-AMS-01 Netherlands, NL |  Netherlands (NL) | |
| no | 2019-11-13 07:41:18 | never | 37.48.65.143 | Not listed | AS60781 | LEASEWEB-NL-AMS-01 Netherlands, NL | Netherlands (NL) | |
| no | 2019-11-14 07:48:17 | never | 37.48.65.145 | Not listed | AS60781 | LEASEWEB-NL-AMS-01 Netherlands, NL | Netherlands (NL) | |
| no | 2019-12-05 04:03:25 | never | 37.48.65.149 | Not listed | AS60781 | LEASEWEB-NL-AMS-01 Netherlands, NL | Netherlands (NL) | |
| no | 2019-12-01 04:02:45 | never | 37.48.65.150 | Not listed | AS60781 | LEASEWEB-NL-AMS-01 Netherlands, NL | Netherlands (NL) | |
| no | 2019-11-06 04:02:53 | 2019-11-12 07:46:18 | 37.48.65.153 | Not listed | AS60781 | LEASEWEB-NL-AMS-01 Netherlands, NL | Netherlands (NL) | |
| no | 2019-11-04 07:44:15 | 2019-11-10 04:01:55 | 37.48.65.154 | Not listed | AS60781 | LEASEWEB-NL-AMS-01 Netherlands, NL | Netherlands (NL) | |
| no | 2019-10-28 07:45:48 | 2019-11-13 04:02:31 | 5.79.68.107 | Not listed | AS60781 | LEASEWEB-NL-AMS-01 Netherlands, NL | Netherlands (NL) | |
| no | 2019-11-10 07:45:50 | never | 5.79.68.109 | Not listed | AS60781 | LEASEWEB-NL-AMS-01 Netherlands, NL | Netherlands (NL) | |
| no | 2019-10-29 04:01:28 | 2019-11-07 07:45:10 | 5.79.68.110 | Not listed | AS60781 | LEASEWEB-NL-AMS-01 Netherlands, NL | Netherlands (NL) | |
| no | 2018-07-19 07:49:28 | 2019-09-21 07:38:25 | 151.106.5.173 | Not listed | AS29066 | VELIANET-AS velia.net Internetdienste Gm[...] | United States (US) | |
| no | 2019-08-22 04:04:06 | 2019-09-15 07:42:51 | 104.237.196.116 | dmpro-serverdeals-us-01 | Not listed | AS20278 | NEXEON - Nexeon Technologies, Inc., US | United States (US) |
# IPs found: 25 (max. 25)
Dropped files
Latest 100 files (malware samples) dropped by this distribution site.
| Firstseen (UTC) | MD5 hash | Filesize | VT | Signature |
|---|---|---|---|---|
| 2016-11-04 07:35:36 | a47a72ce88e89299b6051bcb08b3266d | 199'168 bytes |  47/58 (81.03%)
| n/a |
| 2016-09-29 10:31:36 | c7af7915351308af4f3896f4fcc1bd93 | 157'700 bytes | n/a | n/a |
Unique dropped files: 2