Locky Distribution Site :: 91ise.info

Host Information

Locky Distribution Site:91ise.info
Threat:Distribution Site
Malware:Locky
URL:http://91ise.info/pcre0ri4
Host Status:offline
Blacklist check:Spamhaus DBL:Not Listed
 SURBL:Not Listed
Domain Registar:GoDaddy.com, LLC
Nameserver(s):ns59.domaincontrol.com
 ns60.domaincontrol.com
Firstseen (UTC):2016-09-29 09:42:31
Lastseen (UTC):never

Associated IP addresses

The table below shows all ip addresses (e.g. A records) associated with this Locky Distribution Site. In case the host is a domain name, the table also shows a history of previous A records if there are any.

Active (?This row indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address).

yes = Active A record
no = Historical record
)
Firstseen (UTC)Lastseen (UTC)IP addressHostnameSBLAS numberAS nameCountry
yes2019-07-29 04:04:232019-09-16 04:04:3923.89.37.171171.37-89-23.rdns.scalabledns.comNot listedAS18978ENZUINC-US - Enzu Inc, US- United States (US)
no2016-09-29 10:31:582016-10-02 08:21:33204.13.67.248Not listedAS23338- United States (US)
no2019-01-18 04:10:492019-02-17 04:04:2650.63.202.94ip-50-63-202-94.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-01-19 04:09:452019-02-18 04:04:5750.63.202.92ip-50-63-202-92.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-01-21 04:08:392019-02-16 04:05:5450.63.202.80ip-50-63-202-80.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-01-23 04:12:262019-02-15 04:04:4650.63.202.75ip-50-63-202-75.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-01-16 04:10:01never50.63.202.66ip-50-63-202-66.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-01-17 04:10:572019-02-07 04:04:4650.63.202.64ip-50-63-202-64.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-07-25 04:04:00never50.63.202.62ip-50-63-202-62.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-09-23 01:20:552019-07-22 04:03:5450.63.202.52ip-50-63-202-52.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-07-20 04:03:35never50.63.202.43ip-50-63-202-43.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-09-24 01:21:242017-11-13 01:24:5823.88.3.18mail4.gwcteam.comNot listedAS18978ENZUINC-US - Enzu Inc, US- United States (US)
no2018-01-09 01:32:052018-07-18 04:18:5323.225.204.234Not listedAS40065CNSERVERS - CNSERVERS LLC, US- United States (US)
no2016-10-03 19:56:152017-05-13 01:21:42103.229.126.235Not listedAS55933TOINTER-AS-AP Royal Network Technology C[...]- Taiwan (TW)
no2016-10-02 09:31:222016-10-03 14:08:45204.13.67.207Not listedAS23338ASN-DCS-01 - DCS Pacific Star, LLC, US- United States (US)
no2018-07-19 04:18:512019-01-13 04:11:06192.151.229.222192-151-229-222.ceranetworks.comNot listedAS40065POWERLINE-AS-AP POWER LINE (HK) CO., LIM[...]- United States (US)
no2019-02-01 04:06:392019-02-12 04:03:15184.168.221.95ip-184-168-221-95.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-01-14 04:11:29never184.168.221.89ip-184-168-221-89.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-01-20 04:10:452019-02-19 04:04:47184.168.221.84ip-184-168-221-84.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-01-22 04:08:49never184.168.221.77ip-184-168-221-77.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-01-15 04:09:58never184.168.221.66ip-184-168-221-66.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-07-26 04:03:21never184.168.221.60ip-184-168-221-60.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-07-27 04:04:532019-07-28 04:05:15184.168.221.57ip-184-168-221-57.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-07-18 04:02:572019-07-24 04:03:15184.168.221.35ip-184-168-221-35.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-07-21 04:02:22never184.168.221.33ip-184-168-221-33.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)

# IPs found: 25 (max. 25)

Dropped files

Latest 100 files (malware samples) dropped by this distribution site.

Firstseen (UTC)MD5 hashFilesizeVTSignature
2016-09-29 10:31:557321840b590b0879fd7ddc3ab39b6961157'700 bytesn/an/a

Unique dropped files: 1