Locky Distribution Site :: camdo89.com

Host Information

Locky Distribution Site: camdo89.com
Threat: Distribution Site
Malware: Locky
URL: http://camdo89.com/rs0o9
Host Status: offline
Blacklist check: Spamhaus DBL: Not Listed; SURBL: Not Listed
Domain Registrar: PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM
Nameserver(s): ns1626.ztomy.com, ns2626.ztomy.com
Firstseen (UTC): 2016-11-03 09:58:12
Lastseen (UTC): never

Associated IP addresses

The table below shows all IP addresses (e.g. A records) associated with this Locky Distribution Site. If the host is a domain name, the table also shows a history of previous A records, if there are any.

Active: This row indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address). yes = Active A record; no = Historical record.

| Active | Firstseen (UTC) | Lastseen (UTC) | IP address | Hostname | SBL | AS number | AS name | Country |
|---|---|---|---|---|---|---|---|---|
| yes | 2019-01-31 01:42:30 | 2019-08-23 01:39:55 | 204.11.56.48 | | Not listed | AS40034 | CONFLUENCE-NETWORK-INC - Confluence Netw[...] | Virgin Islands, British (VG) |
| no | 2016-11-03 12:09:46 | 2017-11-13 01:04:50 | 112.213.89.90 | ns8990.dotvndns.vn | Not listed | AS45544 | SUPERDATA-AS-VN SUPERDATA, VN | Vietnam (VN) |
| no | 2018-11-23 01:48:41 | 2018-12-20 01:47:09 | 184.168.221.73 | ip-184-168-221-73.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2018-11-27 01:48:00 | 2018-12-06 01:49:37 | 184.168.221.81 | ip-184-168-221-81.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2018-12-21 01:49:10 | 2018-12-22 01:48:28 | 184.168.221.86 | ip-184-168-221-86.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2018-12-08 01:48:55 | never | 184.168.221.87 | ip-184-168-221-87.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2018-12-18 01:46:52 | never | 184.168.221.93 | ip-184-168-221-93.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2017-12-27 01:04:16 | 2017-12-28 01:04:40 | 184.168.221.96 | ip-184-168-221-96.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2016-11-17 13:11:12 | 2017-12-26 01:04:11 | 209.99.40.222 | 209-99-40-222.fwd.datafoundry.com | Not listed | AS40034 | TEXASNET-ASN - YHC Corporation, US | United States (US) |
| no | 2016-11-17 05:50:39 | 2017-12-25 01:41:05 | 209.99.40.223 | 209-99-40-223.fwd.datafoundry.com | Not listed | AS40034 | TEXASNET-ASN - YHC Corporation, US | United States (US) |
| no | 2018-12-23 01:48:29 | never | 50.63.202.65 | ip-50-63-202-65.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2018-11-24 01:48:17 | 2018-12-17 01:48:17 | 50.63.202.71 | ip-50-63-202-71.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2018-11-20 01:49:22 | 2018-12-16 01:47:23 | 50.63.202.73 | ip-50-63-202-73.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2018-11-28 01:48:11 | 2018-12-07 01:49:48 | 50.63.202.75 | ip-50-63-202-75.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2018-12-24 01:49:49 | never | 50.63.202.92 | ip-50-63-202-92.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2017-12-29 01:49:45 | 2018-11-19 01:49:13 | 67.227.226.240 | | Not listed | AS32244 | LIQUID-WEB-INC - Liquid Web, L.L.C, US | United States (US) |

# IPs found: 16 (max. 25)

Dropped files

Latest 100 files (malware samples) dropped by this distribution site.

| Firstseen (UTC) | MD5 hash | Filesize | VT | Signature |
|---|---|---|---|---|
| 2017-03-02 02:01:07 | ecc46e85ec268cc064bac67321e65f1b | 14'391 bytes | n/a | n/a |
| 2016-11-03 12:09:45 | 3cd528001c2e360e411579fa334d0c08 | 119'296 bytes | Virustotal results 47/60 (78.33%) | n/a |

Unique dropped files: 2